From: Noel Jones (njonesmegan.vbhcs.org)
Date: Fri Nov 17 2006 - 11:21:18 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 10:07 AM 11/17/2006, David Clymer wrote:
> > >>
> > >>> smtpd_data_restrictions = permit_mynetworks,
> > >>> check_recipient_access
> pcre:/etc/postfix/access/recipient_whitelist,
> > >>> check_sender_access
> pcre:/etc/postfix/access/sender_whitelist,
> > >>> check_client_access
> pcre:/etc/postfix/access/client_whitelist,
> > >>> check_client_access
> pcre:/etc/postfix/access/client_blacklist,
> > >>> reject_multi_recipient_bounce,
> > >>> reject_unauth_pipelining,
> > >>> reject_unauth_destination
> > >>>
> >
> > I have one (suggestion:). remove all your
> smtpd_data_restrictions except
> > reject_unauth_pipelining. then put all the other ones in
> > smtpd_recipient_restrictions.
> >
>
>I just realized I never posted the resolution to this. So,
>for the
>benefit of the googling masses, here it is:
>
>The "problem" was that I was using permit_auth_destination
>in my
>whitelist. I'm not exactly sure why this caused rejects
>for messages
>with multiple recipients that were on the same local
>domain, but anyway,
>changing my whitelist to use permit solved the problem.

No, the problem is that when there are multiple recipients,
your check_recipient_access table is not checked when it is
under smtpd_data_restrictions. At SMTP DATA stage,
per-recipient action is no longer possible, so
per-recipient checks are not performed when there are
multiple recipients.

> > I have one (suggestion:). remove all your
> smtpd_data_restrictions except
> > reject_unauth_pipelining. then put all the other ones in
> > smtpd_recipient_restrictions.

This is the correct suggestion, and the only possible solution.

--
Noel Jones

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]