> On Mar 26, 2023, at 13:28, Viktor Dukhovni via Postfix-users
> <[email protected]> wrote:
>
> On Sun, Mar 26, 2023 at 12:52:01PM -0700, Doug Hardie via Postfix-users wrote:
>
>> I don't want to remove the "reject_unknown_sender_domain" function as
>> it gets used properly a lot. Is there some way I can get postfix to
>> accept these for local delivery?
>
> smtpd_sender_restrictions =
> check_sender_access inline:{bogus.example.org =
> permit_auth_destination},
> reject_unknown_sender_domain
>
> Alternatively, if you prefer RE tables:
>
> main.cf:
> smtpd_mumble_restrictions =
> ... prior restrictions ...
> check_sender_access pcre:${config_directory}/sender-access.pcre
> ... later restrictions ...
>
> sender-access.pcre:
> # Single "node.example.org" domain
> /@node\.example\.org$/ DUNNO
> # The "tree.example.org" domain or any subdomain
> /(?:@|\.)tree\.example\.org$/ DUNNO
> # ... more exceptions here ...
> # Everyone else'd better be valid
> /^/ reject_unknown_sender_domain
>
> This has the advantage that the verdict for "bogus.example.com" is not
> final, later restrictions in the same restriction list are still
> evaluated. The downside is that most users are sloppy with regular
> expressions, when using regular expressions you are quite likely to make
> mistakes. For example,
Thanks Viktor. I went with the first approach and am getting errors:
warning: inline:{DigitalInsight.firefightersfirstcreditunion.org =
permit_auth_destination} is unavailable. missing '=' after attribute name:
"inline:{DigitalInsight.firefightersfirstcreditunion.org =
permit_auth_destination}"; need "inline:{name=value...}
and others like:
warning: inline:{DigitalInsight.firefightersfirstcreditunion.org =
permit_auth_destination} lookup error for "[email protected]"
I think that message is saying the : after inline should be an =. I'll give
that a try.
-- Doug
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
