Question about Postfix configuration

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Question about Postfix configuration

KeesGoet

In a Postfix-configuration which was setup some time ago by a previous colleague of mine, I ran into the following

construction:

 

smtpd_sender_restrictions =

 ....

 check_recipient_access regexp:/etc/postfix/access.recipient.regexp

 ....

 permit

 

smtpd_recipient_restrictions =

 ....

 check_sender_access regexp:/etc/postfix/access.sender.regexp

 ....

 permit

 

I would assume that check_recipient_access would be used in the smtpd_recipient restrictions and

check_sender_access in the smtpd_sender_restrictions.

 

Could there be a particular reason why it is done this way?

 

Thanks.

Kees.

 

Reply | Threaded
Open this post in threaded view
|

Re: Question about Postfix configuration

mouss-2
Goet, Kees wrote:

> In a Postfix-configuration which was setup some time ago by a previous
> colleague of mine, I ran into the following
>
> construction:
>
>  
>
> smtpd_sender_restrictions =
>
>  ....
>
>  check_recipient_access regexp:/etc/postfix/access.recipient.regexp
>
>  ....
>
>  permit
>
>  
>
> smtpd_recipient_restrictions =
>
>  ....
>
>  check_sender_access regexp:/etc/postfix/access.sender.regexp
>
>  ....
>
>  permit
>
>  
>
> I would assume that check_recipient_access would be used in the
> smtpd_recipient restrictions and
>
> check_sender_access in the smtpd_sender_restrictions.
>
>  

all checks can be used at any stage provided the information is
available. In the default setup, client, helo, sender and recipient
restrictions are all run at RCPT stage.

A common approach is to put (almost) all checks under
smtpd_recipient_restrictions, as this avoids repeating "whitelists" and
may be easier to "follow" (sequential list).
>  
>
> Could there be a particular reason why it is done this way?
>  

we can't tell unless we know the full details.