On 12.06.18 07:32, Poliman - Serwis wrote:
Thank you for answer. If in main.cf must be two different
check_client_access rules, so I should do:
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-
virtual_client.cf
smtpd_client_restrictions = check_client_access inline:{91.218.208.22=ok}
or maybe
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-
virtual_client.cf, check_client_access inline:{91.218.208.22=ok}
Am I right?
Neither one. as I said before:
"But it won't help you in smtpd_client_restrictions, since the client is
rejected later in smtpd_recipient_restrictions"
That means, you don't have to play with smtpd_client_restrictions.
Hmm, if above won't help, how to configure smtpd_recipient_restrictions to
unblock this specific ip 91.218.208.22 ?
If you want to configure smtpd_recipient_restrictions (un)block an IP, you
must put proper "check_client_access" to smtpd_recipient_restrictions,
in front of the rule that blocks that IP.
I'll keep the rest below undeleted because it still applies.
I just add that I prefer using hash or cidr tables for these cases instead
of inline access lists - it's easier to ad whitelisted IPs to those tables.
2018-06-11 16:24 GMT+02:00 Matus UHLAR - fantomas <uh...@fantomas.sk>:
On 11.06.18 15:17, Poliman - Serwis wrote:
Listed on lists related with Postfix, from my main.cf:
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client
zen.spamhaus.org, check_recipient_access mysql:/etc/postfix/
mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/
mysql-virtual_policy_greylist.cf
- I recommend putting reject_rbl_client zen.spamhaus.org at the end of
rules
- put check_client_access in front of reject_rbl_client, one that will
allow
IP 91.218.208.22
@Wietse
Currently I have in main.cf:
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/
mysql-virtual_client.cf
Should this line be modified as:
smtpd_client_restrictions = check_client_access inline:{91.218.208.22=ok }
mysql:/etc/postfix/mysql-virtual_client.cf
OR
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/
mysql-virtual_client.cf, inline:{91.218.208.22=ok }
it's not possible to use two parameters for check_client_access
- there must be two different check_client_access rules.
But it won't help you in smtpd_client_restrictions, since the client is
rejected later in smtpd_recipient_restrictions
Btw I am curious - is it possible to turn off ip verification only for
clients?
for what clients? for your customers?
and which kind of IP verification?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95
