postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: question about mynetworks and reject_rbl_client d

question about mynetworks and reject_rbl_client directives

From: Christopher Adams <adamsca_at_nospam>
Date: Wed Oct 27 2010 - 18:41:37 GMT
To: Postfix users <postfix-users@postfix.org>

Hello all,

I am a bit confused about setting restrictions on which domains can
send through my server. I am utilizing some reject_rbl_client
directives to check mail with free spam repositories. One of the valid
domains sending to this server was blacklisted by one of the
repositories. I would like to know how to override this so that
blacklisting doesn't happen to this domain again, while still using
this spam filtering.

For mynetworks, I have:

mynetworks_style = subnet

I also have mynetworks = my.local.subnet, 127.0.0.0/8

I know that this latter directive overrides mynetworks_style, so they
essentially do the same thing. Would I just add the IP(s) of the
domain that I want to accept to mynetworks, make sure that happens
before the reject_rbl_client directives and call it good. I think that
is what I should be doing, but just want to verify. Is the point to
doing this to allow those IPs regardless of any other restrictions
that come later. All others would be considered "strangers" and
vulnerable to other directives.

smtpd_recipient_restrictions =
   permit_sasl_authenticated,
   permit_mynetworks,
   reject_unauth_destination,
   reject_rbl_client bl.spamcop.net,
   reject_rbl_client dnsbl.sorbs.net,
   reject_rbl_client cbl.abuseat.org,
   reject_invalid_hostname,
   reject_non_fqdn_hostname,
   reject_non_fqdn_sender,
   reject_non_fqdn_recipient,
   reject_unknown_sender_domain,
   reject_unknown_recipient_domain,
   permit

-- Christopher Adams adamsca@gmail.com