Nikolaos Milas:
[ Charset UTF-8 unsupported, converting... ]
> On 20/1/2012 3:24 ??, Nikolaos Milas wrote:
>
> >> # reject all clients not matching anything above, and be damn sure
> >> # to comment out the last reject under recipient_restrictions
> >> #
> >> 0.0.0.0/0 reject unauthorized client, please use our MX
> >>
> >
> > You mean to remove "reject" from *smtpd_client_restrictions*, not from
> > smtpd_recipient_restrictions. So, if we would be using:
> > smtpd_client_restrictions = check_client_access
> > cidr:/etc/postfix/gwservers.cidr,reject
> > we should rather just use:
> > smtpd_client_restrictions = check_client_access
> > cidr:/etc/postfix/gwservers.cidr
>
> By the way, I fail to see any difference between the two methods. It
> seems to me the same to use:
> smtpd_client_restrictions = check_client_access
> cidr:/etc/postfix/gwservers.cidr
> where gwservers.cidr is:
> xxx.xxx.xxx.xxx OK
> xxx.xxx.xxx.xxx OK
> 0.0.0.0/0 reject unauthorized client, please use our MX
This "passes" IPv6 clients that match no rule.
> or:
> smtpd_client_restrictions = check_client_access
> cidr:/etc/postfix/gwservers.cidr,reject
> where gwservers.cidr is:
> xxx.xxx.xxx.xxx OK
> xxx.xxx.xxx.xxx OK
>
> Aren't the two methods practically the same?
This stops IPv6 clients that match no rule.
Wietse