On Sat, 29 Nov 2003, Richard Bewley wrote:
|->
|->Hi,
|->
|->Since the smtpd_recipient_restrictions are "first match wins", you'll need
|->to put the part that rejects the IP address before you permit_mynetworks.
|->
|->smtpd_recipient_restrictions =
|-> reject_unauth_pipelining,
|-> reject_non_fqdn_sender,
|-> reject_non_fqdn_recipient,
|-> reject_unknown_sender_domain,
|-> reject_unknown_recipient_domain,
bad_ip.map, <<<<<<<<--------- This is what I was thinking and
putting the IP in there with a REJECT
|-> permit_mynetworks,
|-> reject_unauth_destination,
|-> check_client_access hash:/etc/postfix/access,
|-> check_sender_access hash:/etc/postfix/access,
|-> check_helo_access hash:/etc/postfix/helo_hostnames.map,
|-> reject_non_fqdn_hostname,
|-> check_sender_access hash:/etc/postfix/spamlist_extended.map,
|-> check_sender_access hash:/etc/postfix/from_senders_bogus.map,
|-> check_sender_access hash:/etc/postfix/from_senders_mybogus.map,
|-> reject_maps_rbl,
|-> permit
Is this the sort of thing you were talking about? Putting the reject
before the permit_mynetworks?
Thanks,
Keith
