smtpd_recipient_restrictions reject_unknown_client_hostname

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

smtpd_recipient_restrictions reject_unknown_client_hostname

Francesc Peñalvez-2

I have this directive active reject_unknown_client_hostname and in some
ips when it does not solve at the moment of doing the RCPT it does not
solve correctly, as it is logical send code 450 blocking the mail. Well
my question is how could I put some ips in particular that I know are
reliable for that the reject_unknown_client_hostname be skipped. I have
added these ips with the OK directive in the access file but it does not
work as I would like it to do




smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: smtpd_recipient_restrictions reject_unknown_client_hostname

Matus UHLAR - fantomas
On 15.03.19 20:37, Francesc Peñalvez wrote:
>I have this directive active reject_unknown_client_hostname and in some
>ips when it does not solve at the moment of doing the RCPT it does not
>solve correctly, as it is logical send code 450 blocking the mail. Well
>my question is how could I put some ips in particular that I know are
>reliable for that the reject_unknown_client_hostname be skipped. I have
>added these ips with the OK directive in the access file but it does not
>work as I would like it to do

put check_client_access in front of the reject_unknown_client_hostname
allowing the trusted IPs.


--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"The box said 'Requires Windows 95 or better', so I bought a Macintosh".
Reply | Threaded
Open this post in threaded view
|

Re: smtpd_recipient_restrictions reject_unknown_client_hostname

Noel Jones-2
In reply to this post by Francesc Peñalvez-2
On 3/15/2019 2:37 PM, Francesc Peñalvez wrote:

>
> I have this directive active reject_unknown_client_hostname and in some
> ips when it does not solve at the moment of doing the RCPT it does not
> solve correctly, as it is logical send code 450 blocking the mail. Well
> my question is how could I put some ips in particular that I know are
> reliable for that the reject_unknown_client_hostname be skipped. I have
> added these ips with the OK directive in the access file but it does
> not
> work as I would like it to do
>
>
>


Postfix processes restrictions in order.  Your access table
whitelist must come before the rule rejecting the mail.

Move reject_unknown_client_hostname to *after* your access table in
your restriction list.

And for external IPs it's safer to use "PERMIT_AUTH_DESTINATION"
rather than "OK" to prevent open relay accidents.



   -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: smtpd_recipient_restrictions reject_unknown_client_hostname

Francesc Peñalvez-2
In reply to this post by Matus UHLAR - fantomas
thank you I had not thought that postfix followed the order of the list

El 15/03/2019 a las 20:45, Matus UHLAR - fantomas escribió:

> On 15.03.19 20:37, Francesc Peñalvez wrote:
>> I have this directive active reject_unknown_client_hostname and in some
>> ips when it does not solve at the moment of doing the RCPT it does not
>> solve correctly, as it is logical send code 450 blocking the mail. Well
>> my question is how could I put some ips in particular that I know are
>> reliable for that the reject_unknown_client_hostname be skipped. I have
>> added these ips with the OK directive in the access file but it does not
>> work as I would like it to do
>
> put check_client_access in front of the reject_unknown_client_hostname
> allowing the trusted IPs.
>
>


smime.p7s (5K) Download Attachment