On Thu, Sep 20, 2012 at 06:47:44AM -0400, Wietse Venema wrote: > Brad Smith: > > postscreen_whitelist_interfaces = !IPv4, static:all > > Where does the documentation promise that IPv4 is a "server IP address"?
It shows it right in the example below and the second paragraph explains this. > Wietse > > postscreen_whitelist_interfaces (default: static:all) > A list of local postscreen(8) server IP addresses where a non- > whitelisted remote SMTP client can obtain postscreen(8)'s temporary > whitelist status. This status is required before the client can talk to > a Postfix SMTP server process. By default, a client can obtain > postscreen(8)'s whitelist status on any local postscreen(8) server IP > address. > > When postscreen(8) listens on both primary and backup MX addresses, the > postscreen_whitelist_interfaces parameter can be configured to give the > temporary whitelist status only when a client connects to a primary MX > address. Once a client is whitelisted it can talk to a Postfix SMTP > server on any address. Thus, clients that connect only to backup MX > addresses will never become whitelisted, and will never be allowed to > talk to a Postfix SMTP server process. > > Example: > > /etc/postfix/main.cf: > # Don't whitelist connections to the backup IP address. > postscreen_whitelist_interfaces = !168.100.189.8, static:all -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
