looks like smtpd_recipient_restrictions check_client_access is being ignored ?

Mon, 23 Jun 2014 04:19:34 -0700 

I have just built 2.11.1 from source, but otherwise retained 
my old config. 

For outgoing mail via port 587, I have the following:

smtpd_recipient_restrictions=permit_mynetworks,
        reject_non_fqdn_recipient,
        reject_unknown_recipient_domain,
        permit_sasl_authenticated,
        check_client_access hash:/etc/postfix-in/pop-before-smtp
        reject_unauth_destination

Judging by a trace, it looks like "check_client_access" is being
ignored?

smtpd[20213]: >>> START Recipient address RESTRICTIONS <<<
smtpd[20213]: generic_checks: name=permit_mynetworks
smtpd[20213]: permit_mynetworks: kzinti.enidan.ch 88.198.24.135
smtpd[20213]: match_hostname: kzinti.enidan.ch ~? 192.168.2.0/24
smtpd[20213]: match_hostaddr: 88.198.24.135 ~? 192.168.2.0/24
smtpd[20213]: match_hostname: kzinti.enidan.ch ~? 127.0.0.0/8
smtpd[20213]: match_hostaddr: 88.198.24.135 ~? 127.0.0.0/8
smtpd[20213]: match_hostname: kzinti.enidan.ch ~? 10.42.8.253
smtpd[20213]: match_hostaddr: 88.198.24.135 ~? 10.42.8.253
smtpd[20213]: match_hostname: kzinti.enidan.ch ~? 10.42.8.249
smtpd[20213]: match_hostaddr: 88.198.24.135 ~? 10.42.8.249
smtpd[20213]: match_hostname: kzinti.enidan.ch ~? 192.168.3.0/24
smtpd[20213]: match_hostaddr: 88.198.24.135 ~? 192.168.3.0/24
smtpd[20213]: match_list_match: kzinti.enidan.ch: no match
smtpd[20213]: match_list_match: 88.198.24.135: no match
smtpd[20213]: generic_checks: name=permit_mynetworks status=0
smtpd[20213]: generic_checks: name=permit_sasl_authenticated
smtpd[20213]: generic_checks: name=permit_sasl_authenticated status=0
smtpd[20213]: generic_checks: name=defer_unauth_destination
smtpd[20213]: reject_unauth_destination: [email protected]
smtpd[20213]: permit_auth_destination: [email protected]
smtpd[20213]: ctable_locate: leave existing entry key
[email protected]
smtpd[20213]: NOQUEUE: reject: RCPT from
kzinti.enidan.ch[88.198.24.135]: 454 4.7.1 <[email protected]>: Relay
access denied; from=<[email protected]> to=<[email protected]>
proto=ESMTP helo=<klop99>
smtpd[20213]: generic_checks: name=defer_unauth_destination status=2
smtpd[20213]: >>> END Recipient address RESTRICTIONS <<<


Should there not be a trace entry after "permit_sasl_authenticated
status=0" that checks my pop-before-smtp table?
What am I over looking?


-- 
Per Jessen, Zürich (24.9°C)
http://www.dns24.ch/ - your free DNS host, made in Switzerland.

Reply via email to