Martijn de Munnik a écrit :
>
> On Aug 24, 2009, at 8:31 PM, Martijn de Munnik wrote:
>
>>
>> On Aug 24, 2009, at 7:57 PM, /dev/rob0 wrote:
>>
>>> On Monday 24 August 2009 12:43:16 Martijn de Munnik wrote:
>>>> How can I write a message to syslog when a check_client_access
>>>> rule matches?
>>>
>>> See the WARN result. If you mean that you want to log and to trigger
>>> some other action, do note that REJECT and DEFER results are logged
>>> anyway. If you're wanting to log an accept action, you could make a
>>> multiple result using a restriction class:
>>> http://www.postfix.org/RESTRICTION_CLASS_README.html
>>> http://www.postfix.org/postconf.5.html#smtpd_restriction_classes
>>
>> Could someone please provide an example, this is a little bit too
>> technical for me ;)
>>
>> smtpd_recipient_restrictions =
>> permit_mynetworks,
>> permit_sasl_authenticated,
>> reject_non_fqdn_recipient,
>> reject_non_fqdn_sender,
>> reject_unknown_sender_domain,
>> reject_unverified_recipient,
>> reject_unauth_destination,
>> reject_invalid_helo_hostname,
>> reject_non_fqdn_helo_hostname,
>> reject_rbl_client virbl.dnsbl.bit.nl,
>> check_policy_service inet:127.0.0.1:12525,
>> check_client_access cidr:/opt/csw/etc/postfix/postfix-dnswl-permit,
>> check_policy_service inet:127.0.0.1:10023
>>
>
> I want to log the accept action from the check_client_access rule so I
> can use the whitelist hits in stats.
>
replace the "permit_auth_destination ..." returned by
postfix-dnswl-permit with "policy_dnswl", so you'd get things like
222.255.237.6/32 policy_dnswl
then in postfix:
smtpd_restriction_classes = ... policy_dnswl
policy_dnswl =
check_client_access pcre:/etc/postfix/logall
permit
== /etc/postfix/logall
/./ WARN client whitelisted using DNSWL
