On 11/6/2014 4:10 PM, terrygalant.li...@fastest.cc wrote: > Hi, > > I've added a sender restriction > > postconf -n > ... > smtpd_sender_restrictions = hash:/path/to/reject_senders, > check_sender_access ... > ... >
The above deprecated syntax assumes "check_sender_access hash:/path/to/reject_senders" Don't leave out the "check_sender_access" part. > It's convenient for early rejection of lists of senders, and seems to work as > expected for, > > cat /path/to/reject_senders > ... > b...@domain1.com REJECT Ok. > @domain2.com REJECT will never match anything. > ted@ REJECT Ok, will match all users "ted@*" > domain3.com REJECT Ok, will reject *@domain3.com > ... > > I'd like to add an early reject for all mail from the ".link" TLD. But, this > > .link REJECT With the default setting of parent_domain_matches_subdomains, ".link" won't match anything. Use "link" instead. > > added to /reject_senders would, I think, trigger on ANY instance of ".link", > including, e.g., > > y...@test.linkedin.com Never a concern with an indexed file. > > So, I need to (somehow) terminate the match. > > Is that correctly do-able in the hash: above? E.g., > > .link$ REJECT > > or somesuch? Or would that NEED to be in a regex match? Or, other, better > option? This is only a concern if you're using regexp or pcre tables. See the docs for access tables, pay attention to the various "ADDRESS PATTERNS" sections. http://www.postfix.org/access.5.html -- Noel Jones
