On 13 February 2018 at 08:42, Voytek <li...@sbt.net.au> wrote:
> one of the users is waiting for an email from server currently listed on
> chances are it might get fixed in 12 hours, or, maybe not
> short of removing dnsbl.manitu.net from my RBL checks, is there a way to
> 'bypass' this current predicament, and, allow mails from the IP/host?
> can I simply put IP ? hostname ? both ? in /etc/postfix/client_checks ?
> or is it /etc/postfix/sender_checks ? as so:
> 188.8.131.52 OK
> mail12.tpgi.com.au OK
> from main.cf:
> smtpd_recipient_restrictions =
> check_policy_service inet:127.0.0.1:7777,
> check_sasl_access hash:/etc/postfix/sasl_access
> check_recipient_access hash:/etc/postfix/recipient_no_checks,
> check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
> check_helo_access hash:/etc/postfix/helo_checks,
> check_sender_access hash:/etc/postfix/sender_checks, <====??
> check_client_access hash:/etc/postfix/client_checks, <=====??
> check_client_access pcre:/etc/postfix/client_checks.pcre,
> reject_rbl_client zen.spamhaus.org,
> reject_rhsbl_client dbl.spamhaus.org,
> reject_rhsbl_sender dbl.spamhaus.org,
> reject_rbl_client psbl.surriel.com,
> reject_rbl_client ix.dnsbl.manitu.net,
> reject_rbl_client bl.spamcop.net,
> check_policy_service inet:127.0.0.1:10031
> Feb 13 15:11:59 emu postfix/smtpd: NOQUEUE: reject: RCPT from
> mail12.tpgi.com.au[184.108.40.206]: 554 5.7.1 Service unavailable; Client
> host [220.127.116.11] blocked using ix.dnsbl.manitu.net; Your e-mail
> service was detected by spam.over.port25.me (NiX Spam) as spamming at Tue,
> 13 Feb 2018 00:10:11 +0100. Your admin should visit
> from=<ju...@dom.tld.au> to=<s...@dom2.tld> proto=ESMTP
> .tpgi.com.au <http://mail12.tpgi.com.au>>
For use within restriction list(s):
check_client_access is for checking the purported address, or the ip, of
the incoming connecting client
check_sender_access is for checking the MAILFROM address (envelope sender)
check_helo_access is for checking the HELO/EHLO response name
For use outside restriction list(s): (hence later/slower)
header_checks can be used for checking email headers - including the
'From:' header address (which may well be different to the MAILFROM
In your case you can put either the ip or the client address onto a new
line in the file referenced by check_client_access, followed by ' OK', and
then postmap it afterwards. You might want to add tpgi.com.au rather
than mail12.tpgi.com.au (assuming smtpd_access_maps is listed in
parent_domain_matches_subdomains, which is the default case).
Yes it is a little confusing at first...