Ciao,
According to the Policyd-Weight Howto it can/should be possible to set
it as last instance of the restrictions:
01: smtpd_helo_required = yes # required
02: smtpd_delay_reject = yes # suggested
03:
04: smtpd_recipient_restrictions =
05: permit_mynetworks, # required
06: ... other authed permits ...
07: ... (permit_sasl_authenticated) ...
08: reject_unauth_destination, # required
09: ... whitelists (role accounts, clients) ...
10: reject_non_fqdn_recipient, # suggested
11: reject_invalid_helo_hostname, # suggested
12: check_policy_service inet:127.0.0.1:12525 # required
So I can allow,reject as first and then filter again thru Policyd and
Tumgrespf.
Quoting Alessio Cecchi <ales...@skye.it>:
Il 28/01/2014 18:01, Marc B ha scritto:
Hi,
I've got a small issue with our Postfix Relay which doesn't use the
Policyd-Weight daemon or Tumgreyspf which it should. The Policy-Weight
daemon is running and listen if I test it and the config has no errors
but still Postfix just ignores the policy service and proceeds the mail
to Amavis.
[...]
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination, check_recipient_access
hash:/etc/postfix/relaydomains, check_policy_service
unix:private/tumgreyspf, check_policy_service inet:127.0.0.1:12525
You must set check_policy_service as first check:
smtpd_recipient_restrictions =
check_policy_service unix:private/tumgreyspf
check_policy_service inet:127.0.0.1:12525
permit_sasl_authenticated
[...]
Ciao
--
Alessio Cecchi is:
@ ILS -> http://www.linux.it/~alessice/
on LinkedIn -> http://www.linkedin.com/in/alessice
Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz
Cloud Email Hosting -> http://www.qboxmail.com
@ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it
