From: Ralf Hildebrandt (no email)
Date: Thu Nov 01 2001 - 05:49:47 EST
On Thu, Nov 01, 2001 at 11:46:09PM +1300, Chris Hellyar wrote:
> I'm setting up a server for collocation, and I want three users to be able
>to use it as their smtp server, so I've set $mynetworks to be the netblock
>for the dial-up pool of the ISP, and in main.cf I've got:
>
> smtpd_sender_restrictions = hash:/etc/postfix/access
>
> smtpd_recipient_restrictions =
> reject_unknown_sender_domain,
> reject_unknown_recipient_domain,
> reject_non_fqdn_sender,
> reject_non_fqdn_recipient,
> reject_invalid_hostname,
> reject_unauth_pipelining,
> allow_mynetworks,
> reject_unauth_destination,
> check_relay_domains
This is wrong.
Use:
permit_mynetworks,
check_relay_domains
(reject_unauth_destination serves no purpose)
> in /etc/postfix/access I've got
>
> OK
> OK
> OK
>
> Because the access file only 'blocks' the relay if there is an explicit
> REJECT it doesn't stop someone using '' as the from address
> and relaying off my box.. I only want the server to relay for chris,
> Barry and in the ISP netblock in $mynetworks.
Use smtpd_restrictions_classes based on IP.
--
Ralf Hildebrandt Tel. +49 (0)30-450 570-155
Fax. +49 (0)30-450 570-916
Failure is not an option. It comes bundled
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|