OK this is weird.
I have in main.cf:
relayhost = helix.wtfayla.net
relay_recipient_maps = hash:/etc/postfix/relay_recipients
relay_domains = hash:/etc/postfix/relay_domains
But if I run postconf -d | grep relay, I see:
relay_domains = ${{$compatibility_level} < {2} ? {$mydestination} : {}}
relay_recipient_maps =
relayhost =
Why are relay_recipient_maps and relayhost showing as empty??
Also this line does not match what I have in the bottom section:
smtpd_relay_restrictions = ${{$compatibility_level} < {1} ? {} :
{permit_mynetworks, permit_sasl_authenticated,
defer_unauth_destination}}relay_domains = ${{$compatibility_level} < {2} ?
{$mydestination} : {}}
I feel like it's somehow not using the main.cf I'm working on somehow??
On Thu, 1 Dec 2022, Jonathan Capra wrote:
On Fri, 2 Dec 2022, raf wrote:
The parameter smtpd_relay_restrictions was set twice in
main.cf. You should decide which one you want, and
delete the other (or combine what you want into a
single version). The postconf -nf command shown above
would just output the one that Postfix ends up using,
which might or might not be the one you think it is
using. This might matter, but probably not. The second,
more detailed one, will override the first one. But
note that only the first (unused) one contains
permit_sasl_authenticated, so SASL-authenticated
connections will be subject to all the checks in the
second smtpd_relay_restrictions.
But I don't think this is causing your problem.
Thanks. I commented out the first one.
In that bottom section, I commented out the RBL to simplify things for now.
But I would think that reject_unlisted_recipient should do the trick, but
nope. It's still letting anything through.
cheers,
raf
