Hello list,

I use the following smtpd_sender_restrictions to enforce TLS:



smtpd_sender_restrictions = permit_mynetworks, check_sender_access 
hash:/etc/postfix/tls-exceptions reject_plaintext_session

The check_sender_access is used, to "whitelist" some domains.

So far, everything is working as excepted.


Now I also need to whitelist some IP-adresses

As per

https://www.postfix.org/postconf.5.html#smtpd_sender_restrictions

check_sender_access type:table

only "MAIL FROM address, domain, parent domains, or localpart@," can be used 
but not an IP address.

As a workaround a add them to $mynetworks, to bypass the 
reject_plaintext_session restriction.
But I do not want to allow relaying to the whitelisted addresses.


Any hints how smtpd_sender_restrictions can be overridden with an IP based  
hash or cidr table?




Regards
Aban

--
 Aban Dokht                                   aban.do...@abando.de
------------------------------------------------------------------
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

Reply via email to