On 6 mrt 2011, at 15:08, David Touzeau wrote: >>> but it seems that postfix did not want to test the authentication >>> method and pass it's rules trough subnet rules to finally refuse the >>> connection with a "Client host rejected: Access denied"
[snip] > smtpd_delay_reject = no http://www.postfix.org/postconf.5.html#smtpd_delay_reject Here, most likely. Ran into something very similar last week, and this was the cause. I suspect that if you were to increase logging detail, you'd find that 'permit_sasl_authenticated' evaluates to zero during the client restrictions stage because of a delay in getting back an answer from whatever SASL backend you have in use. Postfix evaluates the rest of the client restrictions, and denies you access. Try setting 'smtpd_delay_reject' to yes, which is the default, and consolidate all your restrictions under 'smtpd_recipient_restrictions' instead. Cya, Jona
