On 9/7/2012 4:44 PM, General Mail wrote: > On 9/7/2012 4:04 PM, Wietse Venema wrote: >> General Mail: >>> On 9/7/2012 3:27 PM, Wietse Venema wrote: >>>> General Mail: >>>>> /etc/postfix/access >>>>> ad...@bombshellz.net OK >>>>> no-re...@bombshellz.net OK >>>>> * REJECT "$access_map_reject_code You can't send E-Mails from this >>>>> server any longer. This is for Admin E-Mails only" >>>> There is no documentation for "$access_map_reject_code" in access >>>> maps. >>>> That feature does not exist. >>>> >>>> There is no documentation for "*" in access maps. There is >>>> documentation >>>> for using PCRE or REGEXP patterns in access maps. >>>> >>>> http://www.postfix.org/access.5.html >>>> http://www.postfix.org/pcre_table.5.html >>>> http://www.postfix.org/regexp_table.5.html >>>> >>>> Wietse >>> Hello, >>> >>> Thanks for the quick reply. >>> >>> According to the documentation you referred me to, it does contain >>> '$access_map_reject_code' in the example as follows: >> The text in question is: >> >> REJECT optional text... >> Reject the address etc. that matches the pattern. Reply with >> "$access_map_reject_code optional text..." when the optional >> >> Here, >> >> - YOU provide "REJECT optional text..." in the access table. >> >> - POSTFIX provides the $access_map_reject_code value, using the >> parameter setting in main.cf. >> >> So it should now be 100% crystal clear that YOU DO NOT provide >> $access_map_reject_code in the access table. >> >> Wietse >> >> > Hello, > > I was well aware beforehand but thanks for the clarification and was > planning to stick with the default value from the documentation. My > new setup is as follows: > > postconf -n 'smtpd_sender_restrictions' > smtpd_sender_restrictions = check_sender_access > pcre:/etc/postfix/sender, reject > > cat /etc/postfix/sender > /^admin@bombshellz\.net$/ OK > /^no-reply@bombshellz\.net$/ OK > /.*/ REJECT "$access_map_reject_code You can't send E-Mails from > this server any longer. This is for Admin E-Mails only" >
As Wietse said, that last line should be /.*/ REJECT You can't send E-Mails from this server any longer. This is for Admin E-Mails only The REJECT verb itself prepends the reject code. > Testing: > > telnet 127.0.0.1 smtp > Trying 127.0.0.1... > Connected to 127.0.0.1. > Escape character is '^]'. > 220 relayhost1.bombshellz.net ESMTP Postfix > EHLO test > 250-relayhost1.bombshellz.net > 250-PIPELINING > 250-SIZE > 250-VRFY > 250-ETRN > 250-STARTTLS > 250-AUTH PLAIN LOGIN > 250-ENHANCEDSTATUSCODES > 250-8BITMIME > 250 DSN > MAIL FROM: donts...@test.com > 250 2.1.0 Ok > QUIT > By default, Postfix applies restrictions during RCPT TO. smtpd_delay_reject defaults to yes due to some poorly written software that chokes if it receives a negative answer before RCPT TO stage. That's why it's not yet an error. Brian > I am missing something here for this not to work properly and not > quite sure what it is? > > Best Regards > >
