From: Ralf Hildebrandt (no email)
Date: Mon Jul 01 2002 - 12:27:27 EDT
On Mon, Jul 01, 2002 at 11:58:51AM -0400, Larry Hansford wrote:
> >> smtpd_recipient_restrictions =
> >> reject_non_fqdn_sender,
> >> reject_non_fqdn_recipient,
> >> reject_unknown_sender_domain,
> >> reject_unknown_recipient_domain,
> >> permit_mynetworks,
> > reject_unauth_destination,
> >> check_client_access hash:/etc/postfix/pop-before-smtp,
> >> check_sender_access hash:/etc/postfix/access_list,
> >> check_recipient_access hash:/etc/postfix/access_list,
> >> reject_non_fqdn_hostname,
> >> reject_unknown_client,
> > permit
> >
> >and just put:
> >
> >gbod.com OK
> >ecomc.com OK
> >
> >into hash:/etc/postfix/access_list
> Thanks, Ralf!
>
> I've added the changes and will test them.
>
> I thought I had read on this list that putting any domains as OK in the
> access_list opened up the list to any host. Maybe I misread that.
You are right. But my config like described above, does
"reject_unauth_destination" first and THEN a check_client_access or
check_sender_access !
> I assume that the check_relay_domains is no longer needed, or redundant?
Thus I removed it.
--
Ralf Hildebrandt (Im Auftrag des Referat V A)
Charite Campus Virchow-Klinikum Tel. +49 (0)30-450 570-155
Referat V A - Kommunikationsnetze - Fax. +49 (0)30-450 570-916
If I had a ( for every $ the government spent, what would I have?
Typical unix response: Too many ('s.
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|