Ah! My bad (really, really bad :). I did a quick search of the man pages and didn't look too carefully (darn case sensitivity on searching). Thank you (and Wietse, I saw your message too and immediatelly slammed down my server to fix it) for catching that before it blew up!
-Michael On Sat, 23 Aug 2008, Duane Hill wrote: |> On Fri, 22 Aug 2008, Michael G. Reed wrote: |> |> > Worked like a champ. (for anyone else interested, put "OK" |> > for "dunno" below and you're good to go :). Thanks! |> |> Take CAREFUL consideration in using "OK". It can open your server up like |> a can of worms. Telling Postfix OK will bypass all further restrictions in |> whatever smtpd_*_restrictions section you have it listed in. |> |> According to 'man 5 access', DUNNO will pretend the lookup key was not |> found and continue on with the next restriction. |> |> > On Fri, 22 Aug 2008, Wietse Venema wrote: |> > |> Wietse Venema: |> > |> > Michael G. Reed: |> > |> > > I've been looking around to see how I can deal with a |> > |> > > particular site that doesn't report a FQDN in the HELO/EHLO line. I |> > |> > > have smtpd_recipient_restrictions containing: |> > |> > > |> > |> > > reject_non_fqdn_sender |> > |> > > reject_non_fqdn_recipient |> > |> > > reject_non_fqdn_hostname |> > |> > > |> > |> > > to help with SPAM issues. I want these enforced for everyone EXCEPT |> > |> > > one site (heck, one IP) that needs to talk to me (but I've been unable |> > |> > > to get their admin to fix their broken configuration). Is this |> > |> > > possible or am I just missing something really obvious? Any pointers |> > |> > > would be greatly appreciated. Thanks! |> > |> |> > |> Sorry, I used PCRE instead of CIDR. Corrected version follows. |> > |> |> > |> Wietse |> > |> |> > |> Perhaps: |> > |> |> > |> /etc/postfix/main.cf: |> > |> smtpd_recipient_restrictions = |> > |> ... |> > |> check_client_access cidr:/etc/postfix/client_cidr |> > |> ... |> > |> |> > |> /etc/postfix/client_cidr: |> > |> 192.168.0.1/32 dunno |> > |> 0.0.0.0/0 reject_non_fqdn_sender, reject_non_fqdn_recipient, ... |> > |> ::/0 reject_non_fqdn_sender, reject_non_fqdn_recipient, ... |> > |> |> > |> Not intuitive, but effective. |> > |> |> > |> man 5 access |> > |> man 5 cidr_table |> > |> |> > |> Wietse
