On Mon, Nov 05, 2012 at 11:14:43AM -0500, James Chase wrote:
[attribution reconstructed]
> > > James:
> > rob0:
> > and another
> > 
> > > check_recipient_access
> > > pcre:/etc/postfix/MISC_CHECKS/ascii.pcre, check_sender_mx_access
> > > cidr:/etc/postfix/NETWORK_CHECKS/drop.cidr, check_policy_service
> > > inet:127.0.0.1:10023, check_helo_access
> > > pcre:/etc/postfix/NETWORK_CHECKS/helo_hostnames.pcre,
> > > pcre:/etc/postfix/EMAIL_ADDRESS_CHECKS/to_recipients_bw.regexp
> > > reject_non_fqdn_helo_hostname reject_invalid_helo_hostname
> > 
> > See "man postmap" and the -q option to query your maps:
> > 
> > postmap -q unmunged@sender.address maptype:mapname

FWIW I do appreciate those who take the time to trim excess quotes 
from list posts, but you trimmed out the relevant stuff and left 
not-so-relevant stuff.

I did say it would have been easier if you had shared the contents of 
your check_sender_access maps. For that matter, you might have found 
the entry yourself, just by looking in the file.

You had one that said something about "my domain" in the filename. 
That's my WAG: you have your former (migrating) domain name listed 
there, with a reject.

> I tried this on all the areas you pointed out but nothing came back 
> as being a REJECT. Is this possible?

It's probable that you munged the log line you showed, and it is 
certain that if you cannot figure it out yourself, you should not be 
munging domain names, and you should disclose the contents of your 
check_sender_access maps.

> I did find one rule that looked suspicious just in a manual review 
> but changing it and running postmap again didn't make a difference 
> in terms of the reject message.
> 
> Most of our reject rules are labeled except where we are blocking 
> because of an e-mail address pattern, so I would think it was 
> obvious if it was a rule we were using that was NOT an e-mail 
> address block.

Why the exception? Why not label them all? You can even give a 
rejected client an informative message, visible to them and also 
recorded in your logs.

> I did not know about the postmap query mode, but now that I have 
> run it on all the restrictive maps and come up with no matches I
> am more confused where this block is happening.

Another suggestion: a recursive, case-ignored grep of /etc/postfix 
for the domain in question.
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
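
The recursive, case-ignored search of the Postfix configuration directory suggested above, as an added example that is not part of the original post. It lists every non-comment line that mentions a domain and flags lines whose second field is a blocking access(5) action; the sample tree, file names and domain are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find every mention of a domain
# under a Postfix config directory and flag the lines that block mail.

find_domain_refs() {   # usage: find_domain_refs DOMAIN [DIR]
    domain=$1
    dir=${2:-/etc/postfix}
    # Skip compiled *.db maps; their text sources are what gets searched.
    find "$dir" -type f ! -name '*.db' -exec awk -v d="$domain" '
        BEGIN { d = tolower(d) }
        /^[ \t]*(#|$)/ { next }              # comments and blank lines
        index(tolower($0), d) {              # literal, case-ignored match
            act = toupper($2)
            # Blocking actions from access(5); anything else is "other".
            if (act ~ /^(REJECT|DEFER|DEFER_IF_REJECT|DEFER_IF_PERMIT|DISCARD|[45][0-9][0-9])$/)
                flag = "BLOCKS"
            else
                flag = "other"
            printf "%s:%d:%s:%s\n", FILENAME, FNR, flag, $0
        }' {} +
}

# Constructed sample tree (hypothetical file names and domain) so the
# search can be tried offline before pointing it at /etc/postfix.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir -p "$t/EMAIL_ADDRESS_CHECKS"
    cat > "$t/EMAIL_ADDRESS_CHECKS/sender_bw" <<'EOF'
# old.example  REJECT (commented out, must be ignored)
Old.Example    REJECT
partner.test   OK
EOF
    cat > "$t/main.cf" <<'EOF'
mydestination = new.example, old.example
EOF
    printf '%s\n' "$t"
}

tree=$(make_sample_tree)
find_domain_refs old.example "$tree"
rm -rf "$tree"
```

Pattern tables (pcre, regexp) may write the dots in a domain as `\.`, so a literal search can miss them; searching for the leftmost label alone covers that case.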
