On Thu, 11 Aug 2016 13:44:42 +0300, Nikolaos Milas wrote: > On 11/8/2016 1:25 μμ, Richard Klingler wrote: > >> Is there an easy way to block a list of prefixes from accessing postfix? >> ... >> Preferably I would like to combine prefix and domain filtering >> as plain helo_checks won't allow regular expression for hostnames. > > I think you can use: > > smtpd_recipient_restrictions = > ... > check_sender_access hash:/etc/postfix/blacklisted_senders > check_client_access cidr:/etc/postfix/blacklisted_prefixes > reject_unverified_recipient > reject_unauth_destination
Doesn't work with the blacklisted_prefix file... Have: smtpd_recipient_restrictions = check_client_access cidr:/usr/local/etc/postfix/blacklisted_prefixes, permit_sasl_authenticated, .... But I still get connection message that shows that the blacklist is bypassed although I have an entry in blacklisted_prefixes: 93.152.0.0/17 REJECT Aug 11 20:05:39 <mail.info> marvin postfix/smtpd[19974]: initializing the server-side TLS engine Aug 11 20:05:39 <mail.info> marvin postfix/smtpd[19974]: connect from 93-152-67-113.itlab.managedbroadband.co.uk[93.152.67.113] Aug 11 20:05:41 <mail.warn> marvin postfix/smtpd[19974]: warning: SASL authentication failure: no user in db Aug 11 20:05:41 <mail.warn> marvin postfix/smtpd[19974]: warning: SASL authentication failure: no user in db Aug 11 20:05:41 <mail.warn> marvin postfix/smtpd[19974]: warning: 93-152-67-113.itlab.managedbroadband.co.uk[93.152.67.113]: SASL LOGIN authentication failed: authentication failure Aug 11 20:05:41 <mail.info> marvin postfix/smtpd[19974]: disconnect from 93-152-67-113.itlab.managedbroadband.co.uk[93.152.67.113] cheers richard
