NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2007-06

check_client access - match by client hostname dont work (for me), help please

sftfyandex.ru
Date: Fri Jun 01 2007 - 08:48:44 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!
I would like to bypass reject_unknown_reverse_client_hostname for certain clients
(by their host names) and use configuration below.

If I use client IP as key, it's work well, but if I use client name (like in this example)
it does not work (see mail.log below).
Looks like postfix checks only IP's against /etc/postfix/maps/inet/check_inet_hosts.

From postconf.5 I have understood, that I can use a client hostname:
"check_client_access type:table
Search the specified access database for the **client hostname**,
parent domains, client IP address..."
What have I made incorrectly?
Thanks!

Debian etch/postfix-2.3.4-3

/etc/postfix/master.cf-------------------------------------------------------
195.xxx.xxx.xxx:smtp inet n - n - - smtpd
  -o smtpd_client_restrictions=inet_smtpd_client_restrictions_class
  -o smtpd_recipient_restrictions=inet_sr_class_lite
  ...

/etc/postfix/main.cf----------------------------------------------------------
smtpd_restriction_classes =
  ...
  inet_smtpd_client_restrictions_class,
  ...
inet_smtpd_client_restrictions_class=
  check_client_access hash:/etc/postfix/maps/inet/check_inet_hosts,
  reject_unknown_reverse_client_hostname
  ...

/etc/postfix/maps/inet/check_inet_hosts-----------------------------------------
.a3a.ru OK
router.a3a.ru OK
.oblfu.omsknet.ru OK
inet.oblfu.omsknet.ru OK

/var/log/mail.log---------------------------------------------------------------
...
postfix/smtpd[24104]: >>> START Client host RESTRICTIONS <<<
postfix/smtpd[24104]: generic_checks: name=inet_smtpd_client_restrictions_class
postfix/smtpd[24104]: >>> START Client host RESTRICTIONS <<<
postfix/smtpd[24104]: generic_checks: name=check_client_access
postfix/smtpd[24104]: check_namadr_access: name unknown addr 195.162.33.82
postfix/smtpd[24104]: check_domain_access: unknown
postfix/smtpd[24104]: check_addr_access: 195.162.33.82
postfix/smtpd[24104]: generic_checks: name=check_client_access status=0
postfix/smtpd[24104]: generic_checks: name=reject_unknown_reverse_client_hostname
postfix/smtpd[24104]: reject_unknown_reverse_name: unknown
postfix/smtpd[24104]: NOQUEUE: reject: RCPT from unknown[195.162.33.82]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [195.162.33.82]; from=<> to=<tomedomain.ru> proto=ESMTP helo=<inet.oblfu.omsknet.ru>
postfix/smtpd[24104]: generic_checks: name=reject_unknown_reverse_client_hostname status=2
postfix/smtpd[24104]: generic_checks: name=inet_smtpd_client_restrictions_class status=2
postfix/smtpd[24104]: > unknown[195.162.33.82]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [195.162.33.82]
...

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]