On Mon, Feb 11, 2013 at 03:19:52PM +0000, Fabio Sangiovanni wrote:
> I have another question: what happens if a client is whitelisted AND it fails
> SASL authentication?
The whitelist only applies to authenticated users. Unauthenticated users
are treated like everyone else.
> I suppose that the following directives are evaluated, aren't they?
> So, in such cases, there is a query to the rbl, another (failed) check for
> SASL authentication (if the IP is not listed), and the final reject due to
> reject_unauth_destination.
>
> So, is it correct to create the file /etc/postfix/whitelist_client.cidr with
> entries like:
> 192.0.2.1/32 permit_sasl_authenticated,reject
>
> The additional reject should prevent further evaluation of restrictions
> outside
> (and following) the access table.
You're working too hard, the suggested settings should work just fine.
--
Viktor.
