Old set up - check_recipient_access

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Old set up - check_recipient_access

Nathan Vingoe-2
I have a very old set up runing postfix, and it uses this  line in the
main.cf

smtpd_recipient_restrictions = permit_mynetworks, check_recipient_access
mysql:/
etc/postfix/mysql-virtual_rejects.cf, permit_sasl_authenticated,
check_relay_dom
ains

in that file we have

mailserver:/etc/postfix# more mysql-virtual_rejects.cf
user = root
password = password
dbname = provider
table = rejects
select_field = action
where_field = addy
hosts = 127.0.0.1

This is all good!!  and works!!!

I am slowly moving mail over to my new mail server, but some of the
accounts require this ability to block specific addresses..  and I can't
figure how to recreate it under the new set up..  aptitude tells me I am
running 2.3.8

can anyone help, as reproducing the table, mysql-virtual_rejects.cf and
main.cf doesn't work!

N

Reply | Threaded
Open this post in threaded view
|

Re: Old set up - check_recipient_access

Noel Jones-2
Nathan Vingoe wrote:

> I have a very old set up runing postfix, and it uses this  line in the
> main.cf
>
> smtpd_recipient_restrictions = permit_mynetworks, check_recipient_access
> mysql:/
> etc/postfix/mysql-virtual_rejects.cf, permit_sasl_authenticated,
> check_relay_dom
> ains
>
> in that file we have
>
> mailserver:/etc/postfix# more mysql-virtual_rejects.cf
> user = root
> password = password
> dbname = provider
> table = rejects
> select_field = action
> where_field = addy
> hosts = 127.0.0.1
>
> This is all good!!  and works!!!
>
> I am slowly moving mail over to my new mail server, but some of the
> accounts require this ability to block specific addresses..  and I can't
> figure how to recreate it under the new set up..  aptitude tells me I am
> running 2.3.8
>
> can anyone help, as reproducing the table, mysql-virtual_rejects.cf and
> main.cf doesn't work!
>
> N
>


Doesn't work how?

In a very general sense, table lookups should be compatible
between different versions of postfix.  Any incompatible
changes are listed in the RELEASE_NOTES.  You'll need to read
those documents for yourself to see what affects you.

The check_recipient_access statement is correct if you are
trying to block a recipient address.  If you are trying to
block a sender's email address or a client IP/hostname, you
will need to use check_sender_access or check_client_access.
You have 'permit_mynetworks' before the check_recipient_access
statement, so those lookups won't be done for any client
listed in mynetworks.

Test table lookups with
# postmap -q 'TestData'  type:mapname
But note that the postmap query test does not do recursive
searches automatically.  The recursive searches postfix
performs for an access map are listed under "Search Order" in
the access(5) man page.
http://www.postfix.org/access.5.html

And if you're going to the trouble of upgrading postfix, I
strongly recommend you upgrade to the latest stable version,
currently 2.5.2.  If you must use the years-old 2.3 series, at
least use 2.3.14 which includes all fixes available for that
series.

If you need more help, please see:
http://www.postfix.org/DEBUG_README.html#mail


--
Noel Jones