- Previous message: Charles Marcus: "Correct smtp auth config..."
- Maybe in reply to: Dennis Putnam: "Re: Whitelisting Redux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Dennis Putnam (no email)
Date: Tue May 01 2007 - 13:53:01 EDT
On May 1, 2007, at 11:10 AM, Jorey Bump wrote:
>
> No, I meant for you to change the "smtpd_client_restrictions" entry
> that you provided to "smtpd_recipient_restrictions" and remove the
> redundant smtpd_recipient_restrictions from your configuration.
>
>
> It was. The address was wrong.
Well, DOH! That's 2.
>
> No.
>
> To be clear, it's using the address provided during MAIL FROM (not
> the From: header), and you're right, that's easily spoofed. But if
> you want to use check_sender_access, that's what we're talking
> about, the envelope sender.
I understand and see the problem. I suspected that but was hoping I
was wrong. Thanks.
>
> Refer to Email Address Patterns in:
>
> man 5 access
>
> or:
>
> http://www.postfix.org/access.5.html
Thanks. I read this before but I guess I was refusing to believe
there is no wildcard in the pattern matching. It appears I just can't
do some of the things I wanted but there are other ways.
>
> Well, I sympathize, but this may be a user issue. They need to
> complain to the ISP or switch. Kudos for trying to solve their
> problem, but you may be taking on a maintenance headache. Of
> course, you could move your RBLs to a scoring system via a policy
> server or SpamAssassin if they are causing you too many problems.
> Using RBLs isn't required, so I guess you do bear some of the
> responsibility here.
In case you haven't figured it out the user is me. Complaining to the
ISP is a waste, they won't even stop themselves from being
blacklisted. Besides anyone that complains is just a stupid user that
knows nothing about systems. Switching is not really a cost effective
option at this time. As for a maintenance headache, what is one
more? :-) There are only a few users in this category so once I have
it working it won't be a big deal. I just need to make sure this
doesn't happen again. My Mandriva system has a cron script that
reports critical files that have changed. Maybe I'll clone that
script and use it here since main.cf can get changed so easily and
sometimes it takes a while to notice the effects.
>
> I meant you must do this if you plan to use the bellsouth.net
> address as your sender address for outgoing mail. Outgoing mail
> *to* bellsouth.net is not affected by this configuration.
>
Ah, I see. That is not an issue.
After all the gyrations it looks like you got me to where I need to
be. I still have no idea what was changed that made it stop working
in the first place. Plus I also don't know how it could have ever
worked based on what you taught me. Thanks again for saving the day
for me. I owe you and adult beverage of your choice.
|
|
|