But in this case the client IP is *not* listed in $mynetworks, so it is not being matched (it's a public IP that is not listed anywhere).
Edwin 2014-09-05 21:44 GMT+01:00 Jim Reid <j...@rfc1035.com>: > On 5 Sep 2014, at 21:36, Edwin Marqe <edwinma...@gmail.com> wrote: > >> I have this in my Postfix config: >> >> smtpd_helo_restrictions = >> permit_mynetworks >> reject_non_fqdn_helo_hostname >> reject_unknown_helo_hostname >> permit >> >> However, any time I connect via telnet to this server and specify >> *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions >> won't trigger. > > Well what do you expect would happen when the first of these restrictions is > permit_mynetworks? From TFM: > permit_mynetworks > Permit the request when the client IP address matches any > network or network address listed in $mynetworks. > > > Note that this check is on the IP address that connects to the server, not > what it says in the HELO/EHLO handshake. Those checks come later in your > config. But they won't get tried when the connecting IP address has already > matched something in $mynetworks.
