my networks exclusions not working?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

my networks exclusions not working?

Chris St Denis-4
I have the following mynetworks defined

Dispite having "69.31.160.0/20" defined and "!69.31.174.220" defined, I
can still relay mail from 69.31.174.220 without smtp authentication. Why
is this?

Does order matter or is there another problem with my syntax?

mynetworks = 69.31.160.0/20,
                69.31.176.0/20,
                69.67.160.0/20,
                69.67.176.0/20,
                207.102.197.0/24,
                207.194.228.0/24,
                207.194.229.0/24,
                209.52.5.0/24,
                209.52.15.0/24,
                209.52.25.0/24,
                209.52.26.0/24,
                209.52.30.0/24,
               !69.67.187.103,
               !69.67.187.113,
               !69.67.187.116,
               209.87.128.0/20,
               64.251.83.160/27,
               !69.31.165.146,
               !69.31.174.220,
               206.12.31.0/24,
               206.12.175.0/24,
               207.102.30.0/24,
Reply | Threaded
Open this post in threaded view
|

RE: my networks exclusions not working?

MacShane, Tracy
 

> -----Original Message-----
> From: [hidden email]
> [mailto:[hidden email]] On Behalf Of Chris St Denis
> Sent: Tuesday, 9 September 2008 10:41 AM
> To: [hidden email]
> Subject: my networks exclusions not working?
>
> I have the following mynetworks defined
>
> Dispite having "69.31.160.0/20" defined and "!69.31.174.220"
> defined, I can still relay mail from 69.31.174.220 without
> smtp authentication. Why is this?
>
> Does order matter or is there another problem with my syntax?
>
> mynetworks = 69.31.160.0/20,
>              [...]
>              !69.31.174.220,

Table lookups generally return the first match encountered, and since
it's a trivial change, try putting the exclusion before the broader
inclusion to see if that makes the difference.

But I'm sure someone can give us the official word if that's not quite
right.

 
Reply | Threaded
Open this post in threaded view
|

Re: my networks exclusions not working?

Noel Jones-2
In reply to this post by Chris St Denis-4
Chris St Denis wrote:
> I have the following mynetworks defined
>
> Dispite having "69.31.160.0/20" defined and "!69.31.174.220" defined, I
> can still relay mail from 69.31.174.220 without smtp authentication. Why
> is this?
>
> Does order matter or is there another problem with my syntax?

Yes, order matters; the exceptions must go first.  See
http://www.postfix.org/postconf.5.html#mynetworks
which reads in part:
    The list is matched left to right, and the search
    stops on the first match.


--
Noel Jones

>
> mynetworks = 69.31.160.0/20,
>                69.31.176.0/20,
>                69.67.160.0/20,
>                69.67.176.0/20,
>                207.102.197.0/24,
>                207.194.228.0/24,
>                207.194.229.0/24,
>                209.52.5.0/24,
>                209.52.15.0/24,
>                209.52.25.0/24,
>                209.52.26.0/24,
>                209.52.30.0/24,
>               !69.67.187.103,
>               !69.67.187.113,
>               !69.67.187.116,
>               209.87.128.0/20,
>               64.251.83.160/27,
>               !69.31.165.146,
>               !69.31.174.220,
>               206.12.31.0/24,
>               206.12.175.0/24,
>               207.102.30.0/24,