Re: Is this an incorrect smtpd_recipient_restrictions?

From: Tim B. (mostlyharmlessoptonline.net)
Date: Fri Apr 25 2008 - 07:27:53 CDT


Arturo 'Buanzo' Busleiman wrote:
> Hi!
>
> I wanted to implement a whitelist hash. You know, to specify a couple
> of RBL-blacklisted IP addresses to be whitelisted.
>
> I'm using this:
>
> smtpd_recipient_restrictions =
>     reject_non_fqdn_sender,
>     reject_non_fqdn_recipient,
>     reject_unknown_sender_domain,
>     reject_unknown_recipient_domain,
>     reject_unauth_pipelining,
>     permit_mynetworks,
>     reject_unauth_destination,
>     reject_rbl_client zen.spamhaus.org,
>     check_policy_service unix:private/postgrey,
>     check_policy_service unix:private/policyd-spf,
>     check_client_access hash:/etc/postfix/maps/whitelist,
>     permit
>
> And my /etc/postfix/maps/whitelist file (postmap-ed, yes) is of format
> "IP[tab]OK\n".
>
> But it doesn't seem to be working. They're still being rejected. What
> can I do?
>
> --
> Arturo "Buanzo" Busleiman
> Reliable inter-continental Mail Relay Service - Ask me!
> Independent Security Consultant - SANS - OISSG
> http://www.buanzo.com.ar/pro/
>
I'm no super postfix expert, but: AFAIK
check_client_access hash:/etc/postfix/maps/whitelist
needs to come before:
reject_rbl_client zen.spamhaus.org
to skip the RBL check (and the rest of the checks for that matter).
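
The ordering issue discussed in this thread, as an added example that is not part of either message: a simplified Python model of how Postfix walks a restriction list left to right and stops at the first restriction that returns a decision. The client addresses, the domain and the map contents are constructed, only three of the thread's restrictions plus permit are modelled, and the last list shows why the whitelist lookup belongs after reject_unauth_destination.

```python
# Simplified model of Postfix restriction-list evaluation (added example,
# not Postfix code). Each restriction returns REJECT, OK or DUNNO, and the
# first result other than DUNNO ends the evaluation of the list.
REJECT, OK, DUNNO = "REJECT", "OK", "DUNNO"

# Constructed sample data (documentation address ranges and domains).
RBL_LISTED = {"192.0.2.10", "192.0.2.66"}   # clients the RBL would reject
WHITELIST = {"192.0.2.10": OK}              # "IP<tab>OK" entries in the map
LOCAL_DOMAINS = {"example.org"}             # domains this server accepts mail for

def reject_unauth_destination(client, rcpt):
    return DUNNO if rcpt.split("@")[1] in LOCAL_DOMAINS else REJECT

def reject_rbl_client(client, rcpt):
    return REJECT if client in RBL_LISTED else DUNNO

def check_client_access(client, rcpt):
    return WHITELIST.get(client, DUNNO)     # no map entry means "no opinion"

def permit(client, rcpt):
    return OK

def evaluate(restrictions, client, rcpt):
    """Return (verdict, name of the restriction that decided it)."""
    for check in restrictions:
        result = check(client, rcpt)
        if result != DUNNO:
            return result, check.__name__
    return DUNNO, "end of list"

# Order from the original message: the RBL rejects before the map is consulted.
ORIGINAL = [reject_unauth_destination, reject_rbl_client, check_client_access, permit]
# Whitelist before the RBL, but still after the relay check.
FIXED = [reject_unauth_destination, check_client_access, reject_rbl_client, permit]
# Whitelist before the relay check: an OK here also permits relaying to any domain.
TOO_EARLY = [check_client_access, reject_unauth_destination, reject_rbl_client, permit]

if __name__ == "__main__":
    for name, order in [("original", ORIGINAL), ("fixed", FIXED), ("too early", TOO_EARLY)]:
        for rcpt in ("user@example.org", "user@elsewhere.test"):
            print(f"{name:9} 192.0.2.10 -> {rcpt:20}", evaluate(order, "192.0.2.10", rcpt))
```

An OK from the map also ends the list before the postgrey and policyd-spf checks, so whitelisted clients bypass those as well.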