From: Kai Fürstenberg (postfixfuerstenberg.ws)
Date: Thu Feb 01 2007 - 06:58:54 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I took this from a different thread:

>> As I understand the documentation, if you set "permit" somewhere in
>> the restrictions, the mail is accepted. So if you set
>> smtpd_client_restrictions just to "permit", postfix will accept all
>>mails, also foreign mail.
>
> No, the different smtpd_*_restriction parameters reject based on
> different pieces of information and a "permit" at any stage just means
> Postfix allows the client to go on to the next stage.
>
> For example, _client_ accepts or rejects based on the client's
> connection information (IP, hostname, certs, etc.). _sender_ accepts or
> rejects based on the From: header. _recipients_ accepts or rejects based
> on the To: header and is what controls whether or not the server acts as
> an open relay.
>
> The restrictions are checked in sequence (client, sender, recipient,
> in the above example) and a "permit" at each stage just means Postfix
> allows the client to keep talking to it. E.g. if _client_ is set to
> permit (which is the default) _sender_ and _recipient_ are still checked.

I re-read the SMTPD ACCESS README and I understood this (thanks Michael).

But what about the "OK"-action in access tables? I always heard (and
read) that, when a restriction receives an OK from an access table, the
mail is accepted.

E.G.:
main.cf:
smtpd_client_restrictions =
  check_client_access hash:/etc/postfix/access
  reject
smtpd_recipient_restrictions =
  reject

/etc/postfix/access:
10.0.0.1 OK

When the client 10.0.0.1 connects to Postfix, is he allowed to relay
mail through postfix, because of the OK in the access table, or does
this only take effect on smtpd_client_restrictions and the mail will be
rejected because of the smtpd_recipient_restrictions?

Kai

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]