On 12/6/2012 4:29 PM, Dan Lists wrote: > We relay email for our customers. They had some accounts Phished. I > wanted to hold email from those users so I could see the spam that was > going out and requeue the valid email. > > In main.cf I have: > > smtpd_sender_restrictions = > check_sender_access hash:$config_directory/sender_domains, > reject > > sender_domains has: > > u...@domain.tld HOLD > domain.tld OK > > What u...@domain.tld sends email I get: > > Dec 6 16:14:26 mailserver postfix/smtpd[47661]: NOQUEUE: hold: RCPT > from clientserv[12.34.56.78]: <u...@domain.tld>: Sender address > triggers HOLD action; from=<u...@domain.tld> to=<re...@other.dom> > proto=ESMTP helo=<clientserv> > Dec 6 16:14:26 mailserver postfix/smtpd[47661]: NOQUEUE: reject: RCPT > from clientserv[12.34.56.78]: 554 5.7.1 <u...@domain.tld>: Sender > address rejected: Access denied; from=<u...@domain.tld> > to=<re...@other.dom> proto=ESMTP helo=<clientserv> > > What am I doing wrong?
Just a misconception... HOLD does not immediately freeze the message, nor does it instruct postfix to accept the message. Processing continues and a later restriction can still reject the message. Probably the easiest solution here it to create your own HOLD_OK action so it works as you expect. # main.cf smtpd_restriction_classes = HOLD_OK HOLD_OK = reject_unauth_destination check_client_access static:hold permit Then, in your sender_domain file, u...@domain.tld HOLD_OK domain.tld OK -- Noel Jones
