Viktor Dukhovni <postfix-users <at> dukhovni.org> writes: > Replace "OK" with: > > /etc/postfix/whitelist_client.cidr: > 192.0.2.1/32 permit_sasl_authenticated >
Sorry Viktor, I have another question: what happens if a client is whitelisted AND it fails SASL authentication? I suppose that the following directives are evaluated, aren't they? So, in such cases, there is a query to the rbl, another (failed) check for SASL authentication (if the IP is not listed), and the final reject due to reject_unauth_destination. So, is it correct to create the file /etc/postfix/whitelist_client.cidr with entries like: 192.0.2.1/32 permit_sasl_authenticated,reject The additional reject should prevent further evaluation of restrictions outside (and following) the access table. Thanks again for your help. Fabio
