Re: access file not working as expected

From: Terry Carmen (terrycnysupport.com)
Date: Thu Oct 11 2007 - 11:26:50 CDT


Noel Jones wrote:
> At 12:47 PM 10/10/2007, Victor Duchovni wrote:
>> On Wed, Oct 10, 2007 at 12:38:23PM -0500, Noel Jones wrote:
>>
>> > Now that I look at your file a little more closely, it appears you're
>> > using CIDR notation, which is only valid for cidr: type files. A
>> > check_sender_access map will never match an IP in a cidr table.
>>
>> Nor in a CIDR table, since "sender" is an email address, not a client
>> host.
>>
>> --
>> Viktor.
>
> Yes, we agree. Maybe we should spell this out for the OP.
>
> CIDR type entries (1.2.3.4/netmask) are only useful in a cidr: table.
> CIDR entries cannot be used in hash tables.
>
> Only check_client_access deals with client IP addresses.
> A check_sender_access table will never match an IP address regardless
> of table type.
>
> check_client_access = check the connecting client IP or verified
> hostname. Recorded in the topmost Received: header.
> check_helo_access = name given by the client in the HELO or EHLO
> command. Recorded in the topmost Received: header.
> check_sender_access = sender MAIL FROM address given by the client.
> Also usually recorded in the Return-Path: header.
> check_recipient_access = recipient RCPT TO address given by the
> client. No relation to any header.
>

I don't mean to be exceptionally dense, it's just a little hard to
figure out some of this from the docs. The above is an excellent
explanation of what everything is looking at, and is a huge help.

The postmap man page looked like it was saying that the cidr table
needed to be compiled, however after reading this thread, it seems that
I was mistaken. The cidr table works much better when not compiled and
used in the section. 8-)

Thanks for the help guys!

Terry
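
The distinction drawn in the quoted explanation, as an added configuration example that is not part of the original thread: a constructed "before" layout that can never match, next to a working one. The file paths, the addresses (documentation ranges) and the domains are assumptions, not the poster's actual configuration.

```conf
# Constructed example; paths, addresses and domains are placeholders.

# ---- Before: never matches ----
# /etc/postfix/main.cf
smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/access

# /etc/postfix/access  (compiled with: postmap hash:/etc/postfix/access)
192.0.2.0/24          REJECT
# Problem 1: in a hash: table the key is matched as a literal string,
#            so "192.0.2.0/24" is never treated as a network range.
# Problem 2: check_sender_access looks up the MAIL FROM address,
#            never the client IP, whatever the table type.

# ---- After: one table per kind of lookup ----
# /etc/postfix/main.cf
smtpd_client_restrictions =
    check_client_access cidr:/etc/postfix/client_access.cidr
smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/sender_access

# /etc/postfix/client_access.cidr  (plain text, read as-is, no postmap step)
192.0.2.0/24          REJECT
198.51.100.17         OK

# /etc/postfix/sender_access  (compile: postmap hash:/etc/postfix/sender_access)
spammer@example.com   REJECT
example.net           REJECT

# ---- Query each table directly before reloading Postfix ----
#   postmap -q 192.0.2.55 cidr:/etc/postfix/client_access.cidr
#   postmap -q spammer@example.com hash:/etc/postfix/sender_access
```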