Re: Configuration Syntax

[Noel Jones]

On 7/6/2017 1:45 PM, Doug Hardie wrote:
> I tried to implement RBL and postfwd.  I placed everything in main.cf:
> 
> smtpd_recipient_restrictions =
>       check_policy_service inet:127.0.0.1:10040
>       reject_invalid_hostname,
>       reject_non_fqdn_sender,
>       reject_non_fqdn_recipient,
>       reject_unknown_sender_domain,
>       reject_unknown_recipient_domain,
>       reject_unauth_pipelining,
>       permit_mynetworks,
>       reject_unauth_destination,
>       reject_rbl_client bl.spamcop.net
>       permit
> 
> That worked, but it affected both the smtp and submission ports.  I expected 
> that, but it made it easier to test.  However, I then needed to make the 
> submission port work properly.  So I made the following change to master.cf 
> and removed those lines from main.cf:
> 
> smtpd      pass  -       -       n       -       -       smtpd
>        -o smtpd_recipient_restrictions =
>                check_policy_service inet:127.0.0.1:10040
>                reject_invalid_hostname,
>                reject_non_fqdn_sender,
>                reject_non_fqdn_recipient,
>                reject_unknown_sender_domain,
>                reject_unknown_recipient_domain,
>                reject_unauth_pipelining,
>                permit_mynetworks,
>                reject_unauth_destination,
>                reject_rbl_client bl.spamcop.net
>                permit
> 
> 
> After a postfix reload basically everything stopped working.  There were no 
> errors reported in maillog.  Basically, nothing was going into maillog.  So I 
> went back to the original configuration and it started working again.  I then 
> added the following to master.cf to remove those from submission port:
> 
> submission inet n       -       n       -       -       smtpd
>        -o smtpd_recipient_restrictions=permit_mynetworks
> 
> 
> This approach works, but it seems to me that the first approach should have 
> worked.  Apparently I have formatted the options incorrectly.  What did I do 
> wrong?
> 
> -- Doug
> 


main.cf doesn't allow spaces in the options.  The supported syntax
is to either use commas "," rather than spaces; enclose the option
in braces "{ ... }"; or the preferred method of defining a macro in
main.cf and reference it in master.cf.  See the master.cf man page.

# main.cf
my_smtpd_restrictions =
               check_policy_service inet:127.0.0.1:10040
               reject_invalid_hostname,
               reject_non_fqdn_sender,
               reject_non_fqdn_recipient,
               reject_unknown_sender_domain,
               reject_unknown_recipient_domain,
               reject_unauth_pipelining,
               permit_mynetworks,
               reject_unauth_destination,
               reject_rbl_client bl.spamcop.net
               permit

# master.cf
smtpd      pass  -       -       n       -       -       smtpd
  -o smtpd_recipient_restrictions=$my_smtpd_restrictions



  -- Noel Jones