On 8/12/2016 4:33 AM, Richard Klingler wrote: > Also modified the blacklist that is now part of mynetworks: > > mynetworks = cidr:/usr/local/etc/postfix/blacklist.cidr > > And of course the prefix above is also not rejected: > > 127.0.0.0/8 OK > 60.166.0.0/15 REJECT >
Don't do that! mynetworks is not an access list. You have added the unwanted network to your trusted list. http://www.postfix.org/postconf.5.html#mynetworks Postfix works as documented, and the documentation is among the most complete and accurate you'll find. Please read it carefully and often. The official documentation can be found here: http://www.postfix.org/documentation.html If you're having trouble rejecting some client, you have something configured wrong. Some common errors: - The main.cf you're editing is not the one postfix is using. Check the output of "postconf config_directory" - your text editor is putting invisible garbage in files, confusing postfix. Use of "vi" or equivalent is strongly recommended. - You have parameters defined multiple times in main.cf; as documented, the last one wins. Check "postconf -n" output for what postfix sees. - Your map is broken somehow. Test your map with "postmap -q inputstring maptype:mapname". With non-indexed maps such as pcre and cidr, the order matters; first match wins. man 1 postmap - something else? This not an exhaustive list. Description of all main.cf parameters can be found here: http://www.postfix.org/postconf.5.html "Note: this is not an invitation to make changes to Postfix configuration parameters. Unnecessary changes are likely to impair the operation of the mail system. " Good luck. -- Noel Jones
