On Sat, Sep 02, 2017 at 06:34:35AM -0700, xiedeacc wrote:
Note the below reformatting of the text you sent to show one logical
restrictin per line. When asking for help it is polite to make it
easier for others to help you. Try to not send a jumble of text
that others have to tease apart.
I've also numbered the restrictions to make it easier to make the
point below.
> smtpd_recipient_restrictions =
> 1. check_recipient_access hash:/etc/postfix/recipient_access,
> 2. permit_auth_destination,
> 3. reject_unauth_pipelining
> 4. permit_mynetworks,
> 5. permit_sasl_authenticated,
> 6. reject_non_fqdn_recipient,
> 7. reject_unknown_recipient_domain,
> 8. reject_unauth_destination,
> 9. check_policy_service unix:/var/spool/postfix/var/run/postgrey/socket,
> 10. reject
After restriction (2), all of your inbound domains are allowed,
and only outbound mail to remote domains is subject to further
checks.
After restriction (8), all remote domains are rejected. And so
if this arrangement is intentional, and not a temporary attempt
to avoid rejecting email, then (9) can never be reached.
And likely adding (10) makes little sense after a greylisting policy
at (9), because I'd expect (9) to only ever "DEFER" or "DUNNO",
which means that nothing can get past (9) + (10). I'd surprised
to find that "postgrey" returns "OK" and not "DUNNO" when greylisting
passes.
--
Viktor.
