wie...@porcupine.org (Wietse Venema) writes: > Here's a test with a host with /32 patterns in mynetworks: > > # postconf mynetworks smtpd_recipient_restrictions smtpd_relay_restrictions > mynetworks = 127.0.0.1/32 192.168.1.2/32 192.168.122.1/32 168.100.189.7/32 > smtpd_recipient_restrictions = > smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, > defer_unauth_destination > > Logging: > > Feb 15 10:39:23 wzv postfix/smtpd[10244]: match_hostaddr: mynetworks: > 192.168.1.2 ~? 192.168.1.2/32 > Feb 15 10:39:23 wzv postfix/smtpd[10244]: match_list_match: > permit_mynetworks: no match > Feb 15 10:39:23 wzv postfix/smtpd[10244]: generic_checks: > name=permit_mynetworks status=1 > Feb 15 10:39:23 wzv postfix/smtpd[10244]: >>> END Recipient address > RESTRICTIONS <<< > Feb 15 10:39:23 wzv postfix/smtpd[10244]: >>> CHECKING RECIPIENT MAPS <<< > > The "status=1" means that there was a match.
Ah, indeed! (But then it does > Postfix 2.10 introduces smtpd_relay_restrictions which allows you > to separate spam control (smtpd_recipient_restrictions) from mail > relay control (smtpd_relay_restrictions). > > What is your output for: > > $ postconf smtpd_recipient_restrictions smtpd_relay_restrictions smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_client_access hash:/etc/postfix/rbl_override_whitelist, check_policy_service unix:private/policy-spf, check_policy_service unix:/var/spool/postfix/postgrey/socket smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination In the log, it goes on from there like this: ... Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: generic_checks: name=permit_mynetworks status=1 Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: >>> END Recipient address RESTRICTIONS <<< Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: >>> START Recipient address RESTRICTIONS <<< Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: generic_checks: name=permit_sasl_authenticated Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: generic_checks: name=permit_sasl_authenticated status=0 Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: generic_checks: name=reject So I guess I don't understand why it goes on after permit_mynetworks. -- Regards, Mike