I think I will have to implement my own SMTP Access Policy [1] in this case.
1- http://www.postfix.org/SMTPD_POLICY_README.html
Phil Stracchino schrieb am Mo. 8. Okt. 2018 um 14:34:
> On 10/8/18 6:42 AM, Manuel Mely wrote:
> > Well the tables look basically like this:
> >
> > domain: id (binar
On 2018-10-08 22:42:27 (-0400), Phil Stracchino wrote:
I have a perplexing puzzle thrust upon me.
Consider the following:
Oct 8 15:55:33 minbar postfix/smtpd[7422]: NOQUEUE: reject: RCPT from
rs230.mailgun.us[209.61.151.230]: 551 5.1.8 :
Sender address rejected: Domain not found;
from=
to= pro
On 08.10.18 22:42, Phil Stracchino wrote:
Consider the following:
Oct 8 15:55:33 minbar postfix/smtpd[7422]: NOQUEUE: reject: RCPT from
rs230.mailgun.us[209.61.151.230]: 551 5.1.8 :
Sender address rejected: Domain not found;
from=
to= proto=ESMTP helo=
mailgun.us is connecting with a good HEL
I want to TEMPORARILY (I hope) whitelist redac...@mg.pluspora.com as a
sender address as long as the mail is being sent by mailgun.us.
How would you do it?
You could add a check_sender_access which returns OK for
mg.pluspora.com before the reject_unknown_sender_domain in
smtpd_recipient_re
Hi all,
I have to implement a restriction class as per
http://www.postfix.org/RESTRICTION_CLASS_README.html to protect some
internal aliases, allowing just selected users to send mails to. Initial
idea is to create a security group (called PSIU below) inside AD (Samba
4.7) and put granted peo
On 10/9/18 4:37 AM, Matus UHLAR - fantomas wrote:
> I would not whitelist mail from domain that is not deliverable.
> they should fix their DNS first.
>
> but if you really want to whitelist them, you must add it to access list
> which will be parsed before reject_unknown_sender_domain.
Well, I
On 10/9/18 6:10 AM, Jan P. Kessler wrote:
>
>>> I want to TEMPORARILY (I hope) whitelist redac...@mg.pluspora.com as a
>>> sender address as long as the mail is being sent by mailgun.us.
>>>
>>> How would you do it?
>>
>> You could add a check_sender_access which returns OK for
>> mg.pluspora.com
On 10/9/18 4:33 AM, Philip Paeps wrote:
> You could add a check_sender_access which returns OK for mg.pluspora.com
> before the reject_unknown_sender_domain in smtpd_recipient_restrictions.
Yeah, I tried that as a quick-and-dirty temporary patch; I'm a little
surprised that it appears not to ha
What you're trying to do can't be done with Postfix access(5)
tables. You're trying to encode a pair of lookup keys, the
sender and the receiving alias into a single query, so that
different receiving aliases can have different allowed senders.
Postfix has only single-key queries. If a single se
I hope you did not forget that "check_sender_access" returning
"OK" must not be used in smtpd_recipient_restrictions prior to
"reject_unauth_destination", unless your configuration is a bit
more "modern" and uses "smtpd_relay_restrictions" to restrict
relay access.
> On Oct 9, 2018, at 10:58 AM, P
On 10/9/18 11:03 AM, Viktor Dukhovni wrote:
> I hope you did not forget that "check_sender_access" returning
> "OK" must not be used in smtpd_recipient_restrictions prior to
> "reject_unauth_destination", unless your configuration is a bit
> more "modern" and uses "smtpd_relay_restrictions" to rest
Hi Viktor,
Thank you for your answer. Do you have any direction I could follow to
achieve my end goal - control who can send mail to some addresses with
data from LDAP? Any hint or idea is helpfull.
Thanks, best regards.
Em 09/10/2018 11:57, Viktor Dukhovni escreveu:
What you're trying to
> On Oct 9, 2018, at 12:57 PM, Marcio Vogel Merlone dos Santos
> wrote:
>
> Thank you for your answer. Do you have any direction I could follow to
> achieve my end goal - control who can send mail to some addresses with data
> from LDAP? Any hint or idea is helpfull.
Postfix has only singl
> On Oct 9, 2018, at 12:12 PM, Phil Stracchino wrote:
>
> Indeed, reject_unauth_destination is my third rule, after
> permit_mynetworks and permit_tls_clientcerts. And it's my *second*
> rule, after permit_tls_clientcerts, in smtpd_relay_restrictions.
If you already have it in smtpd_relay_re
On 10/9/18 1:56 PM, Viktor Dukhovni wrote:
>
>
>> On Oct 9, 2018, at 12:12 PM, Phil Stracchino wrote:
>>
>> Indeed, reject_unauth_destination is my third rule, after
>> permit_mynetworks and permit_tls_clientcerts. And it's my *second*
>> rule, after permit_tls_clientcerts, in smtpd_relay_restr
15 matches
Mail list logo
