Hi,
smtpd_recipient_restrictions =
----------------------------
reject_non_fqdn_recipient,
reject_non_fqdn_sender,
reject_unlisted_recipient,
permit_mynetworks,
reject_unauth_destination,
check_client_access hash:/etc/postfix/client_checks,
check_sender_access hash:/etc/postfix/sender_checks,
------------------- -------------------------------
reject_unknown_sender_domain,
----------------------------
reject_unknown_recipient_domain,
reject_rhsbl_reverse_client mykey.dbl.dq.spamhaus.net,
reject_rhsbl_sender mykey.dbl.dq.spamhaus.net,
reject_rhsbl_helo mykey.dbl.dq.spamhaus.net,
check_helo_access pcre:/etc/postfix/helo_checks.pcre,
check_helo_access hash:/etc/postfix/helo_checks,
reject_invalid_helo_hostname,
check_policy_service inet:127.0.0.1:2501,
check_recipient_access pcre:/etc/postfix/relay_recips_access,
check_recipient_access pcre:/etc/postfix/property_recip_map,
check_recipient_access pcre:/etc/postfix/recipient_checks,
check_recipient_access pcre:/etc/postfix/relay_recips_ecartis,
permit
smtpd_sender_restrictions = reject_unknown_sender_domain
------------------------- ----------------------------
Yes, thanks so much. I just came back to check my mail and follow up
that I just figured it out! It occurred to me when I realized I had
somehow lost track that I was working with recipient restrictions.
These check_{client,sender}_access restrictions have been in the
recipient restrictions section for a long time, without realizing I was
doing it incorrectly.
Instead, I've configured sender, client, and helo restrictions, as such,
and removed them all from recipient restrictions:
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/sender_checks
reject_unknown_sender_domain
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/client_checks,
check_client_access cidr:/etc/postfix/client_access_blocklist
smtpd_helo_restrictions =
check_helo_access pcre:/etc/postfix/helo_checks.pcre,
check_helo_access hash:/etc/postfix/helo_checks
Does that now seem correct?
Thanks,
Alex
