Hey all, long time since I was last here... which goes to show just how
good Postfix is I guess ;-)
Anyhow still using 2.11.x and have come into an odd filtering need.
I need to *accept* email based on certain helo lines... Which I'm
pretty sure is possible, however the other part is I have to reject
user/unknown for all emails that don't match the helo line...
So I have my postfix setup basically as follows (currently):
domain1.com -> check local alias map, if match -> forward (relay) to the
real mail server via specific transport map
domain2.net -> relay domain + transport map -> spam/virus collector
domain3.org -> no local users, no relay domain, no transport map ->
everything rejected at SMTP as 'user unknown'
What I want to do is change the behavior for 'domain3.org' to:
No local users, no relay domain, no transport map by default, if
helo/ehlo is my IP address 'HELO [1.2.3.4]' or any unqualified ip
address 'HELO 23.34.45.56' to act the same as 'domain2.net' and behave
as if an entry in relay_domains and transport_maps to the spam/virus
collector.
Config is quite simple and as follows:
main.cf extract:
mynetworks_style = host
mydestination = $myhostname, localhost.$mydomain, localhost,
hash:/path-to/rejectdomains
smtpd_helo_restrictions = permit
alias_maps = hash:/path-to/aliases, hash:/path-to/ldapaliascache
transport_maps = hash:/path-to/ldaptranscache, hash:/path-to/transport
relay_domains = hash:/path-to/localdomains, hash:/path-to/spamcollector
smtpd_client_restrictions = cidr:/path-to/rejectlist, reject_rbl_client
dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org
Then, rejectdomains contains lines like:
domain3.org domain3.org
.domain3.org .domain3.org
rejectlist contains lines like:
199.16.156.0/22 550 5.1.1 User Unknown
66.220.144.0/20 550 5.1.1 User Unknown
108.174.0.0/20 550 5.1.1 User Unknown
17.0.0.0/8 550 5.1.1 User Unknown
ldapaliascache is built from script and contains lines like:
@domain1.com @domain1.com
miche...@domain1.net miche...@domain1.net
ad...@domain1.org.au ad...@domain1.org.au
ldaptranscache is also built from script and contains lines like:
domain1.com smtp:[mailbox.mymailserver.com]
domain1.net smtp:[mailbox.mymailserver.com]
domain1.org.au smtp:[mailbox.mymailserver.com]
transport contains lines like:
domain2.net spamanalyser:
spamcollector and localdomains contain lines like:
domain1.org.au domain1.org.au
.domain1.org.au .domain1.org.au
domain1.com domain1.com
.domain1.com .domain1.com
domain2.net domain2.net
.domain2.net .domain2.net
And finally master.cf is finished with the line:
spamanalyser unix - n n - - pipe
flags=R user=nobody argv=/path-to/analyser.rb
Thanks in advance,
Regards,
Michelle