postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: question about mynetworks and reject_rbl_clie

Re: question about mynetworks and reject_rbl_client directives

From: Noel Jones <njones_at_nospam>
Date: Wed Oct 27 2010 - 19:52:30 GMT
To: postfix-users@postfix.org

On 10/27/2010 1:41 PM, Christopher Adams wrote:
> Would I just add the IP(s) of the
> domain that I want to accept to mynetworks, make sure that happens

No, only networks under your control should be added to
mynetworks.

For outsiders that may be on RBLs, you need to maintain a
separate whitelist.

> smtpd_recipient_restrictions =
> permit_sasl_authenticated,
> permit_mynetworks,
> reject_unauth_destination,

  --> check_client_access hash:/etc/postfix/client_whitelist

> reject_rbl_client bl.spamcop.net,
> reject_rbl_client dnsbl.sorbs.net,
> reject_rbl_client cbl.abuseat.org,
> reject_invalid_hostname,
> reject_non_fqdn_hostname,
> reject_non_fqdn_sender,
> reject_non_fqdn_recipient,
> reject_unknown_sender_domain,
> reject_unknown_recipient_domain,
> permit
>

# client_whitelist
# use the IP number, not the name.
1.1.1.1 permit_auth_destination

Be sure to run "postmap client_whitelist" after editing the
whitelist, and run "postfix reload" after editing main.cf.

   -- Noel Jones