Am 17.09.2012 22:55, schrieb Reindl Harald: > > > Am 17.09.2012 22:51, schrieb l...@airstreamcomm.net: >> We would like to block a couple ranges of ips before a sasl login is able to >> happen. Smtpd_recipient_restrictions >> looks like this: >> >> smtpd_recipient_restrictions = >> permit_mynetworks, >> check_client_access cidr:/etc/postfix/restricted >> permit_sasl_authenticated, >> check_client_access mysql:/etc/postfix/authb4smtp.cf, >> reject_unauth_destination >> >> Just want to confirm this configuration will reject connections before sasl >> is allowed. Also would it make more >> sense to put the check_client_access cidr:/etc/postfix/restricted in >> smtpd_client_restrictions instead? > > why block them in the application layer instead on > the packet-filter of the OS and make the postfix > config more complex this way? >
blocking with postfix, has the chance to give some blocking reason, perhaps this is more gentle sometimes -- Best Regards MfG Robert Schetterer
