Re: Message got through CIDR table reject rule

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Message got through CIDR table reject rule

Noel Jones-2
On 10/28/2020 11:22 AM, Joey J wrote:

> I have the following config:
> smtpd_recipient_restrictions =
>         permit_mynetworks
>         reject_unauth_destination
>         reject_non_fqdn_recipient
>         check_recipient_access  regexp:/etc/postfix/rcptaccess
>  check_sender_access  regexp:/etc/postfix/senderaccess
>  check_client_access  cidr:/etc/postfix/clientaccess hash:/etc/postfix/sender_reject cidr:/etc/postfix/sender_reject_ip
>
> sender_reject_ip has:
> 170.130.0.0/16  550 SPR-170.130.0.0



directives such as check_client_access take one single table name.

You need to prefix each table with how it is to be used, ie.
check_client_access cidr:/etc/postfix/sender_reject_ip




   -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Message got through CIDR table reject rule

Joey J
To confirm, each table needs an entry like so:
check_client_access  cidr:/etc/postfix/clientaccess 
check_client_access  cidr:/etc/postfix/sender_reject_ip 

Thank you

On Wed, Oct 28, 2020 at 12:38 PM Noel Jones <[hidden email]> wrote:
On 10/28/2020 11:22 AM, Joey J wrote:

> I have the following config:
> smtpd_recipient_restrictions =
>         permit_mynetworks
>         reject_unauth_destination
>         reject_non_fqdn_recipient
>         check_recipient_access  regexp:/etc/postfix/rcptaccess
>  check_sender_access  regexp:/etc/postfix/senderaccess
>  check_client_access  cidr:/etc/postfix/clientaccess hash:/etc/postfix/sender_reject cidr:/etc/postfix/sender_reject_ip
>
> sender_reject_ip has:
> 170.130.0.0/16  550 SPR-170.130.0.0



directives such as check_client_access take one single table name.

You need to prefix each table with how it is to be used, ie.
check_client_access cidr:/etc/postfix/sender_reject_ip




   -- Noel Jones


--
Thanks!
Joey

Reply | Threaded
Open this post in threaded view
|

Re: Message got through CIDR table reject rule

Noel Jones-2

On 10/28/2020 1:34 PM, Joey J wrote:
> To confirm, each table needs an entry like so:
> check_client_access  cidr:/etc/postfix/clientaccess
> check_client_access  cidr:/etc/postfix/sender_reject_ip
>
> Thank you
>

Yes, each individual access table must be proceeded by a
check_*_access statement to tell postfix what the table will be used
for.



   -- Noel Jones