From: Brian Evans - Postfix List (grknightscent-team.com)
Date: Mon Jun 15 2009 - 12:15:52 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dennis Putnam wrote:
> The 'smtpdreject' contains, as the first entry:
>
> nnn.nnn.nnn.0 OK
As Magnus points out, this is too little information.

Also, this will never match anything.
access(5) says that:
      net.work.addr.ess
       net.work.addr
       net.work
       net Matches the specified IPv4 host address or subnet-
              work. An IPv4 host address is a sequence of four
              decimal octets separated by ".".

              Subnetworks are matched by repeatedly truncating
              the last ".octet" from the remote IPv4 host address
              string until a match is found in the access table,
              or until further truncation is not possible.

If your Postfix supports cidr tables (check with postconf -m), it may be
simpler to use those for the familiar netmask syntax.

In addition, it is unwise to blanket OK untrusted networks before
reject_unauth_destination.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]