[prev in list] [next in list] [prev in thread] [next in thread] 

List:       postfix-users
Subject:    smtpd_restrictions sanity check
From:       Alex <mysqlstudent () gmail ! com>
Date:       2009-10-31 21:52:05
Message-ID: 55e03a0a0910311452g49e11d60s2a68864c7ee3e812 () mail ! gmail ! com
[Download RAW message or body]

Hi all,

Hopefully I don't have the most frequently asked question, but I'm
spinning my wheels and perhaps followed some bad advice. I hoped
someone could look over my recipient restrictions to see if I'm making
some kind of mistake:

smtpd_recipient_restrictions =
        reject_invalid_hostname,
        reject_non_fqdn_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_unauth_pipelining,
        check_client_access hash:/etc/postfix/client_checks,
        check_recipient_access pcre:/etc/postfix/relay_recips_checks,
        check_helo_access hash:/etc/postfix/helo_checks,
        check_sender_access hash:/etc/postfix/sender_checks,
        check_sender_access hash:/etc/postfix/disallow_my_domain,
        permit_mynetworks,
        check_recipient_access pcre:/etc/postfix/recipient_checks,
        reject_unauth_destination,
        reject_maps_rbl,
        permit

I originally had permit_mynetworks further up, but it seems
client_checks was then being ignored, despite the client not being on
my network.

I'm now trying to provide a mail server that is not part of my
networks to my network.

I also have a handful of cron scripts that run on this remote network
that send mail to my network, but with internal hostnames that aren't
resolvable once they reach my network. Do I just add them to my
postfix hosts file or is there a way to avoid checking the hostname
(sender access?) so they aren't rejected with "Sender address
rejected: Domain not found"?

Thanks,
Alex
[prev in list] [next in list] [prev in thread] [next in thread]