|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
.sub.domain matching problem in client_access
From: James Garrison (jhg
athensgroup.com)
Date: Mon Jul 12 2004 - 16:43:30 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
From main.cf:
> smtpd_recipient_restrictions =
> reject_unauth_destination,
> permit_mynetworks,
> check_helo_access hash:/etc/postfix/check_helo,
> check_helo_access regexp:/etc/postfix/regexp_helo,
> check_client_access hash:/etc/postfix/client_whitelist,
> check_client_access hash:/etc/postfix/check_client,
> check_client_access regexp:/etc/postfix/check_client.re,
> check_sender_access hash:/etc/postfix/check_sender,
> reject_invalid_hostname,
> reject_non_fqdn_sender,
> reject_non_fqdn_recipient,
> reject_unknown_recipient_domain,
> permit
/etc/postfix/client_whitelist (processed into client_whitelist.db
with "postmap hash:/etc/postfix/client_whitelist":
> .biz.rr.com OK
> .ded.swbell.net OK
/etc/postfix/check_client.re contains:
> /[0-9]{1,3}[-_.][0-9]{1,3}[-_.].*\.[a-z]{2,}$/ REJECT Access Denied (SPAM rule 12a)
> /[-_.][0-9]{1,3}[-_.][0-9]{1,3}.*\.[a-z]{2,}$/ REJECT Access Denied (SPAM rule 12b)
The rules in check_client.re are intended to catch client
hostnames with typical DHCP rDNS entries used by cable/dsl
ISPs, which contain nnn-nnn-nnn-nnn.
I specifically want to whitelist the domains listed above,
but those hosts are consistently rejected by rules 12a or
12b because they also contain the IP address. For example
(broken into multiple lines):
> Jul 12 16:33:42 anathema postfix/smtpd[28731]: D1DB210D90: reject:
RCPT from rrcs-sw-24-173-238-134.biz.rr.com[24.173.238.134]:
554 <rrcs-sw-24-173-238-134.biz.rr.com[24.173.238.134]>:
Client host rejected: Access Denied (SPAM rule 12a);
from=<twzdnumjfaaemail.com> to=<curtisathensgroup.com>
proto=SMTP helo=<rrcs-sw-24-173-238-134.biz.rr.com>
I've obviously missed something but can't see it.
--
James Garrison Athens Group, Inc.
mailto:jhgathensgroup.com 5608 Parkcrest Dr
http://www.athensgroup.com Austin, TX 78731
PGP: RSA=0x92E90A3B DH/DSS=0x498D331C (512) 345-0600 x150
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]