|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Laurent Neiger (Laurent.Neiger
grenoble.cnrs.fr)
Date: Fri Nov 30 2007 - 04:08:09 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Mouss & postfixers folks,
One question about the solution you've found before applying it :
> mouss wrote:
>> smtpd_recipient_restrictions =
>> ...
>> reject_unauth_destination
>> # allow our gateway
>> check_client_access cidr:/etc/postfix/trusted_client
>> # block mail to main domain
>> check_recipient_access hash:/etc/postfix/block_main_domain
>> ...
>>
>>
>> == trusted_client:
>> 10.1.2.0/24 OK
>>
>> == block_main_domain:
>> main.example.com REJECT
>>
>>
>> In short:
>> 1. if it is our gateway, allow
>> 2. if it is to main domain, block (the gateway was allowed in step 1)
What if a single mail is addressed to both my main domain and another
one I host too ?
e.g. An external mail w/ RCPT TO: usermain.example.com,
user2myconference.com
Will postfix split the source into 2 separated mails then apply
smtpd_recipient_restrictions checks ?
If not, this mail directly reaching my postfix w/o using the gateway
will not match rule #1,
and how will it deal with rule #2 ?
I don't really know how to bench it and before applying this policy I'd
like to be sure no
bad border effects will occur...
Once more TIA for your hints.
Regards,
Laurent.
- application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]