From: Chuck Amadi (no email)
Date: Thu Mar 01 2007 - 05:34:45 EST
Hi Eray Aslan
Just adding my 50 cents that is what we had implemented to aid domains
that you don't want relay mail to add "!" mark before the ip address
using the mynetworks directive as below.
# Contains "!" entries for clients we do not want to relay through here
even though they are our clients.
# So add "!" before the ip address of your server in question.
mynetowroks = www.xxx.www.zzz, !aaa.bbb.ccc.ddd
It's clean and simple
Ta
Chuck
wrote:
> Jan P. Kessler wrote:
>
>>> I've bought the O'Reilly book about Postfix and I see that I can create
>>> my own restriction classes.
>>> My question is the following: can I use this to choose which computer
>>> are allowed to use my relay server to send mail to Internet and which
>>> are not ?
>>>
>> You can BUT you don't need that nuclear rocket to kill some sparrows ;)
>> Just set your mynetworks correctly:
>>
>> mynetworks = 192.168.1.0/24, !192.168.1.2, !192.168.1.3
>> smtpd_recipient_restrictions = permit_mynetworks
>> reject_unauth_destination
>>
>> This allows relaying to 192.168.1/24 but not for .2 and .3. If the list
>> grows you can put that information into files (i'd suggest "cidr" type
>> dbs).
>>
>
> From postconf(5) regarding mynetworks:
>
> [...]
> The list is matched left to right, and the search stops on the first match.
> [...]
>
> You need to reverse the order. !192.168.1.2/32 192.168.1.0/24
>
>
-- Chuck Amadi ROK Corporation Limited Ty ROK, Dyffryn Business Park, Llantwit Major Road, Llandow, Vale Of Glamorgan. CF71 7PY Tel: 01446 795 839 Fax: 01446 794 994 International Tel: +44 1446 795 839 email: This email is confidential to the addressee only. If you do not believe that you are the intended recipient, do not pass it on or copy it in any way. Please delete it immediately.
|
|
|