deconya wrote:
Hi
When you says
Perhaps you forgot to prefix your RBL check with permit_mynetworks
and/or permit_sasl_authenticated.
where I need to put this options? Are in smtpd_recipient_restrictions
but no in smtpd_client_restrictions. I can put in the
client_restrictions options¿?
For example:
smtpd_client_restrictions=
check_client_access hash:/etc/postfix/access,
* permit_sasl_authenticated,*
# reject_unknown_client,
# reject_rbl_client rbl.orbitrbl.com <http://rbl.orbitrbl.com>,
# reject_rbl_client bl.spamcop.net <http://bl.spamcop.net>,
reject_rbl_client whois.rfc-ignorant.org
<http://whois.rfc-ignorant.org>,
reject_rbl_client dnsbl.njabl.org <http://dnsbl.njabl.org>,
reject_rbl_client zombie.dnsbl.sorbs.net
<http://zombie.dnsbl.sorbs.net>
Is correct here?
[please press the "Plain Text" button when using gmail]
[please do not top post]
Yes, if your problem is rejecting authenticated users, the
above will fix it. Make sure you *do not* change the default
setting of
smtpd_delay_reject = yes
Many people find it easier to list all restrictions under
smtpd_recipient_restrictions. That way it's easier to see the
order restrictions are applied and easier to whitelist
authenticated clients.
Or even better, set up the submission port 587 for
authenticated users. This lets them connect even when their
local ISP blocks port 25 access.
# master.cf:
submission inet n - n - - smtpd
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_helo_restrictions=
-o
smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o syslog_name=postfix-submission
-- Noel Jones
