Hi,
On Tue, Jun 16, 2009 at 2:46 PM, Brian Evans - Postfix List<[email protected]> wrote: > Eduardo Júnior wrote: >> with smtpd_delay_reject set to yes, where in my >> smtpd_recipient_restrictions I must put this restrictions to that it >> works properly? >> After permit_sasl_authenticated? >> >> That isn't clear for me. > If you put it after a permit, then the permit wins if the condition is met. > > Postfix restrictions go in order listed and, once accepted, ignore any > further checks. > > Brian right, my question didn't make sense because before there was a permit, ok I was confusion about when the credencials were obtained But re-reading chapther 7 of the The book of Postfix : state-of-the-art message transport / Ralf Hildebrandt and Patrick Koetter. I remember that all aspects of the connection are accumulated until RCPT TO (smtpd_delay_reject=yes) So, applying reject_sender_login_mismastch before permit_sasl_authenticated is sufficient for that? Follow my restrictions STMP: smtpd_sender_login_maps = mysql:/etc/postfix/mysql/mysql_virtual_sender_login_map.cf smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_non_fqdn_sender reject_unknown_sender_domain reject_unknown_recipient_domain permit_mynetworks reject_sender_login_mismatch permit_sasl_authenticated reject_unauth_destination reject_multi_recipient_bounce check_helo_access pcre:/etc/postfix/helo_checks check_client_access hash:/etc/postfix/client_checks_exceptions check_policy_service inet:127.0.0.1:60000 reject_non_fqdn_hostname # Muito agressiva - problema com Outlook reject_invalid_hostname # Muito agressiva - problema com Outlook reject_rbl_client bl.spamcop.net reject_rbl_client sbl.spamhaus.org reject_rhsbl_sender dsn.rfc.ignorant.org reject_unverified_sender permit Thanks, -- Eduardo Júnior GNU/Linux user #423272 :wq
