Am 17.09.2012 22:51, schrieb l...@airstreamcomm.net: > We would like to block a couple ranges of ips before a sasl login is able to > happen. Smtpd_recipient_restrictions > looks like this: > > smtpd_recipient_restrictions = > permit_mynetworks, > check_client_access cidr:/etc/postfix/restricted > permit_sasl_authenticated, > check_client_access mysql:/etc/postfix/authb4smtp.cf, > reject_unauth_destination > > Just want to confirm this configuration will reject connections before sasl > is allowed. Also would it make more > sense to put the check_client_access cidr:/etc/postfix/restricted in > smtpd_client_restrictions instead?
why block them in the application layer instead on the packet-filter of the OS and make the postfix config more complex this way?
signature.asc
Description: OpenPGP digital signature
