[Matt Horrocks]

Hi,

I'm setting up postfix for the first time.
In the UK, the entire sky.com <http://sky.com> ip range is on the 
Spamhaus PBL [http://www.spamhaus.org/pbl/query/PBL251585 
<http://www.spamhaus.org/pbl/query/PBL251585>].

I thought that the main.cf <http://main.cf> below would allow my users 
who happen to be on the sky.com <http://sky.com> network to send mail 
through my server, but it doesn't - sky.com <http://sky.com> users get a 
relay denied error, which I've traced to the 
"smtpd_recipient_restrictions reject_rbl_client zen.spamhaus.org" setting.

The users should already be authenticated by "smtpd_sender_restrictions 
permit_sasl_authenticated", so why does the 
"smtpd_recipient_restrictions reject_rbl_client zen.spamhaus.org" check 
stop their mail being sent?

Thanks,
Matt

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
home_mailbox = Maildir
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination =
myhostname = server.polyvisual-services.co.uk
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, permit
smtpd_recipient_restrictions = permit_sasl_authenticated, 
reject_non_fqdn_sender, reject_non_fqdn_recipient, 
reject_unknown_sender_domain, reject_unknown_recipient_domain, 
reject_unauth_pipelining, permit_mynetworks, 
reject_unauth_destination,               reject_rbl_client 
zen.spamhaus.org,               permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated, 
permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, 
permit
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_gid_maps = static:5000
virtual_mailbox_base = /
virtual_mailbox_domains = ldap:/etc/postfix/ldap-domains.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap-maps.cf
virtual_uid_maps = static:5000