[prev in list] [next in list] [prev in thread] [next in thread]
List: postfix-users
Subject: Re: Whitelisting refuses to work
From: "Bill Cole" <postfixlists-070913 () billmail ! scconsult ! com>
Date: 2019-12-17 18:49:05
Message-ID: F3AA0486-F970-43C9-9ADE-159FD1924F61 () billmail ! scconsult ! com
[Download RAW message or body]
On 17 Dec 2019, at 9:24, Ieva Dav wrote:
> Hi,
>
> So i inherited an old postfix setup and we have:
>
> smtpd_client_restrictions =
> check_client_access hash:$conf_dir/whitelist,
> reject_rbl_client blah
> reject_rbl_client blahblah
> etc
>
> And it still blocks the domains i put in the whitelist.
Note that check_client_access requires an IPv4 address or 1-3 octet
prefix, an IPv6 address or 3-8 octetpair prefix, or a domain tail that
matches the VERIFIED reverse name of the client host. It does NOT match
domains in envelope sender addresses, EHLO/HELO names, or any message
header.
> Google says to have
> this in recipient restrictions instead, but that doesn't work either.
Where you put specific restrictions affects how you can whitelist one
with another. Ordering across the different restriction lists and within
each list is important. You can't use a whitelist in
smtpd_recipient_restrictions to reverse a rejection made in
smtpd_client_restrictions and a whitelist that operates in
smtpd_client_restrictions doesn't prevent a rejection in
smtpd_recipient_restrictions.
Determining what exactly is not working in your case requires more
details.
> What did i miss?
These instructions for seeking help here:
http://www.postfix.org/DEBUG_README.html#mail
--
Bill Cole
bill@scconsult.com or billcole@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic