I'd like to block certain IP's from attempting to authenticate on my submission port.
This is what I have now: #master.cf #port 587 submission inet n - n - - smtpd -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o smtpd_sasl_auth_enable=yes Is it possible to configure to use an access list before the permit_sasl_authenticated? Where the access file contains: # Somedomain.com 550 reject 45.227.253.216 550 reject Is this right? Want to be sure I'm configuring it correctly and not opening some hole: #master.cf #port 587 submission inet n - n - - smtpd -o smtpd_recipient_restrictions= check_client_access hash:/etc/postfix/access, permit_sasl_authenticated,reject -o smtpd_sasl_auth_enable=yes
