NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2006-04

Re: access file : DISCARD vs REJECT

From: Pascal Maes (pascal.maeselec.ucl.ac.be)
Date: Fri Apr 07 2006 - 04:51:43 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Le 7 avr. 06 à 10:57, Magnus Bäck a écrit :

> On Fri, April 7, 2006 10:42 am, Pascal Maes said:
>
>> In main.cf, I have a rule for smtpd_recipient_restrictions which
>> says :
>>
>> check_sender_access hash:/etc/postfix/access
>>
>> In the file access, I have the following line :
>>
>> namedomain.be REJECT
>>
>> and it works !
>>
>> mail from: namedomain.be
>> 250 2.1.0 Ok
>> rcpt to: pascal.maeselec.ucl.ac.be
>> 554 5.7.1 <namedomain.be>: Sender address rejected: Access denied
>>
>> If I replace REJECT by DISCARD, it doesn't work anymore (I receive
>> the mail)
>>
>> mail from: namedomain.be
>> 250 2.1.0 Ok
>> rcpt to: pascal.maeselec.ucl.ac.be
>> 250 2.1.5 Ok
>
> This doesn't prove that you receive the mail, it only proves that
> Postfix
> doesn't reject the MAIL FROM and RCPT TO commands. Show logs instead.
>
> --
> Magnus Bäck
> magnusdsek.lth.se
>

log of the reject :

Apr 7 10:26:32 smtp-1 postfix/smtpd[19379]: connect from
gaia.elec.ucl.ac.be[130.104.236.1]
Apr 7 10:26:44 smtp-1 postfix/smtpd[19379]: NOQUEUE: reject: RCPT
from gaia.elec.ucl.ac.be[130.104.236.1]: 554 5.7.1 <namedomain.be>:
Sender address rejected: Access denied; from=<namedomain.be>
to=<pascal.maeselec.ucl.ac.be> proto=SMTP helo=<gaia.elec.ucl.ac.be>

log of the discard (complete sequence with clamsmtp and mailscanner) :

Apr 7 10:27:54 smtp-1 postfix/smtpd[19463]: 300D75F4:
client=gaia.elec.ucl.ac.be[130.104.236.1]
Apr 7 10:28:00 smtp-1 postfix/cleanup[19468]: 300D75F4: hold: header
Received: from smtp-1.dynsipr.ucl.ac.be (localhost.localdomain
[127.0.0.1])??by smtp-1.dynsipr.ucl.ac.be (Postfix) with ESMTP id
300D75F4??for <pascal.maeselec.ucl.ac.be>; Fri, 7 Apr 2006 10:27:54
+ from gaia.elec.ucl.ac.be[130.104.236.1]; from=<namedomain.be>
to=<pascal.maeselec.ucl.ac.be> proto=SMTP helo=<gaia.elec.ucl.ac.be>
Apr 7 10:28:00 smtp-1 postfix/cleanup[19468]: 300D75F4: message-
id=<20060407082754.300D75F4smtp-1.dynsipr.ucl.ac.be>
Apr 7 10:28:00 smtp-1 clamsmtpd: 10FD84: from=namedomain.be,
to=pascal.maeselec.ucl.ac.be, status=CLEAN
Apr 7 10:28:03 smtp-1 MailScanner[12001]: Message 300D75F4.504A6
from 127.0.0.1 (namedomain.be) to elec.ucl.ac.be is n'est pas u
n polluriel, SpamAssassin (score=2.928, requis 5, MISSING_SUBJECT
0.57, MSGID_FROM_MTA_ID 0.93, NO_REAL_NAME 0.55, SPF_HELO_PASS -0.
00, SPF_PASS -0.00, UNDISC_RECIPS 0.88)
Apr 7 10:28:04 smtp-1 MailScanner[12001]: Requeue: 300D75F4.504A6 to
BBA3A5B4
Apr 7 10:28:04 smtp-1 MailScanner[12001]: Uninfected: Delivered 1
messages
Apr 7 10:28:04 smtp-1 postfix/qmgr[19348]: BBA3A5B4:
from=<namedomain.be>, size=697, nrcpt=1 (queue active)
Apr 7 10:28:04 smtp-1 MailScanner[12001]: Batch processed in 3.47
seconds
Apr 7 10:28:04 smtp-1 postfix/smtp[19475]: BBA3A5B4:
to=<pascal.maeselec.ucl.ac.be>, relay=gaia.elec.ucl.ac.be
[130.104.236.1]:25,
delay=10, delays=9.9/0/0.05/0.27, dsn=2.0.0, status=sent (250 2.0.0
k378S3AU007329 Message accepted for delivery)
Apr 7 10:28:04 smtp-1 postfix/qmgr[19348]: BBA3A5B4: removed

--
Pascal

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]