wie...@porcupine.org (Wietse Venema) writes:

> Here's a test with a host with /32 patterns in mynetworks:
>
> # postconf mynetworks smtpd_recipient_restrictions smtpd_relay_restrictions
> mynetworks = 127.0.0.1/32 192.168.1.2/32 192.168.122.1/32 168.100.189.7/32
> smtpd_recipient_restrictions =
> smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, 
> defer_unauth_destination
>
> Logging:
>
> Feb 15 10:39:23 wzv postfix/smtpd[10244]: match_hostaddr: mynetworks: 
> 192.168.1.2 ~? 192.168.1.2/32
> Feb 15 10:39:23 wzv postfix/smtpd[10244]: match_list_match: 
> permit_mynetworks: no match
> Feb 15 10:39:23 wzv postfix/smtpd[10244]: generic_checks: 
> name=permit_mynetworks status=1
> Feb 15 10:39:23 wzv postfix/smtpd[10244]: >>> END Recipient address 
> RESTRICTIONS <<<
> Feb 15 10:39:23 wzv postfix/smtpd[10244]: >>> CHECKING RECIPIENT MAPS <<<
>
> The "status=1" means that there was a match.

Ah, indeed!  (But then it does

> Postfix 2.10 introduces smtpd_relay_restrictions which allows you
> to separate spam control (smtpd_recipient_restrictions) from mail
> relay control (smtpd_relay_restrictions).
>
> What is your output for:
>
> $ postconf smtpd_recipient_restrictions smtpd_relay_restrictions

smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, 
reject_unauth_destination, check_client_access 
hash:/etc/postfix/rbl_override_whitelist, check_policy_service 
unix:private/policy-spf, check_policy_service 
unix:/var/spool/postfix/postgrey/socket
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, 
defer_unauth_destination

In the log, it goes on from there like this:

...
Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: generic_checks: 
name=permit_mynetworks status=1
Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: >>> END Recipient 
address RESTRICTIONS <<<
Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: >>> START 
Recipient address RESTRICTIONS <<<
Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: generic_checks: 
name=permit_sasl_authenticated
Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: generic_checks: 
name=permit_sasl_authenticated status=0
Feb 16 03:38:48 deinprogramm postfix/submission/smtpd[76503]: generic_checks: 
name=reject

So I guess I don't understand why it goes on after permit_mynetworks.

-- 
Regards,
Mike

Reply via email to