OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Sean Kelly (sean.kellythe-web-works.co.uk)
Date: Tue Apr 03 2001 - 06:52:40 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hi there,

            I've come across a problem when building my new mail relay. My new
    mail server is supposed to accept mail for all domains which we virus check
    e-mail for and also from certain clients who pay to have outgoing e-mail
    swept for viruses. The actually virus checking is handled by the machine
    set as 'relayhost' in main.cf.

            I have the following config lines in main.cf:

    ##########
    relay_domains = $mydestination, /etc/postfix-in/relays

    smtpd_recipient_restrictions =
            permit_mynetworks
            check_client_access hash:/etc/postfix-in/client_access
            check_relay_domains

    smtpd_client_restrictions =
            permit_mynetworks
            check_client_access hash:/etc/postfix-in/client_access
            reject
    ##########

            When I connect to the mail server from a client listed in
    /etc/postfix-in/client_access I can send mail to any domain. This is good.

            Connecting from a client NOT listed in /etc/postfix-in/client_access
    should allow me to only send mail to domains listed in
    /etc/postfix-in/relays. However, I cannot. I get the error message:

                    554 <host[IP]>: Client host rejected: Access denied

    in the logs. This is bad.

            I thought that this may be to do with the ordering of
    'check_client_access' and 'check_relay_domains' in the config file, but
    swapping them around broke the system even more.

            Advice? Comments?

            Thanks, 

    --
Sean Kelly <sean.kellythe-web-works.co.uk>

    **********************************************************************
This email message has been scanned by MIMEsweeper for the presence of 
computer viruses.

    This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they   
are addressed. If you have received this email in error please notify 
the system manager.

    the-web-works.co.uk
0191 201 8203
**********************************************************************

    -
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users