Last one on my postfix bug triage pile for today:
A Debian user complained that using CIDR notation in hash tables for
mynetworks doesn't work. Of course it doesn't. I found discussions about
this going back a long time [1], which suggests to me that the documentation
might be improved to make this clearer. Please see the attached patch for
postconf.5 (I used 3.6.3) as a suggestion.
Thanks,
Scott K
[1]
https://list.postfix.users.narkive.com/RvXVPsgO/hash-etc-postfix-network-table
diff --git a/man/man5/postconf.5 b/man/man5/postconf.5
index b91b908c..ca15ae36 100644
--- a/man/man5/postconf.5
+++ b/man/man5/postconf.5
@@ -4660,6 +4660,9 @@ Note 2: IP version 6 address information must be specified inside
"/file/name". IP version 6 addresses contain the ":" character,
and would otherwise be confused with a "type:table" pattern.
.PP
+Note 3: CIDR ranges cannot be specified in hash tables. Use cidr
+tables if CIDR ranges are used.
+.PP
Examples:
.PP
.nf
@@ -4670,6 +4673,7 @@ mynetworks = !192.168.0.1, 192.168.0.0/28
mynetworks = 127.0.0.0/8 168.100.189.0/28 [::1]/128 [2001:240:587::]/64
mynetworks = $config_directory/mynetworks
mynetworks = hash:/etc/postfix/network_table
+mynetworks = cidr:/etc/postfix/network_table
.fi
.ad
.ft R
