Part of Slepp's ProjectsPastebinTURLImagebinFilebin
Feedback -- English French German Japanese
Create Upload Newest Tools Donate
Sign In | Create Account

Paste Actions

Download Raw
Embed
pBin URL
Post to Twitter
View Tree
Remove Paste

Paste Details

Raw format, 7 years 11 months old, and 97 hits.

ac3
Tuesday, June 12th, 2007 at 6:28:19pm UTC 

  1. I want to whitelist certain domains for the reject_unknown_reverse_client_hostname restriction, but still checking the following restrictions in this restriction class (check_policy_service, reject_rbl_client,...)
  2.  
  3. I suppose the first one is incorrect, but the 2nd would work. Can someone verify this, or is there a better way to do it?
  4.  
  5. smtpd_recipient_restrictions =
  6.  reject_invalid_helo_hostname,
  7.  reject_non_fqdn_sender,
  8.  reject_non_fqdn_recipient,
  9.  reject_unknown_sender_domain,
  10.  reject_unknown_recipient_domain,
  11.  reject_multi_recipient_bounce,
  12.  permit_mynetworks,
  13.  permit_sasl_authenticated,
  14.  reject_unauth_destination,
  15.  check_client_access hash:/etc/postfix/checks/whitelist
  16.  reject_unknown_reverse_client_hostname,
  17.  check_policy_service inet:127.0.0.1:10031,
  18.  check_client_access pcre:/etc/postfix/checks/client_restrictions.pcre,
  19.  reject_rbl_client rbldnsd-virbl.dnsbl.bit.nl.dnsbl,
  20.  reject_rbl_client sbl.spamhaus.org.dnsbl,
  21.  reject_rbl_client xbl.spamhaus.org.dnsbl,
  22.  reject_rbl_client list.dsbl.org.dnsbl,
  23.  reject_rbl_client multihop.dsbl.org.dnsbl,
  24.  permit
  25.  
  26. cat /etc/postfix/checks/whitelist
  27. xxx.xxx.xxx.xxx  DUNNO    # whitelisted ip 1
  28. xxx.xxx.xxx.xxy  DUNNO    # whitelisted ip 2
  29.  
  30.  
  31.  
  32.  
  33. smtpd_recipient_restrictions =
  34.  reject_invalid_helo_hostname,
  35.  reject_non_fqdn_sender,
  36.  reject_non_fqdn_recipient,
  37.  reject_unknown_sender_domain,
  38.  reject_unknown_recipient_domain,
  39.  reject_multi_recipient_bounce,
  40.  permit_mynetworks,
  41.  permit_sasl_authenticated,
  42.  reject_unauth_destination,
  43.  check_client_access pcre:/etc/postfix/checks/reject_unknown_reverse_client_hostname,
  44.  check_policy_service inet:127.0.0.1:10031,
  45.  check_client_access pcre:/etc/postfix/checks/client_restrictions.pcre,
  46.  reject_rbl_client rbldnsd-virbl.dnsbl.bit.nl.dnsbl,
  47.  reject_rbl_client sbl.spamhaus.org.dnsbl,
  48.  reject_rbl_client xbl.spamhaus.org.dnsbl,
  49.  reject_rbl_client list.dsbl.org.dnsbl,
  50.  reject_rbl_client multihop.dsbl.org.dnsbl,
  51.  permit
  52.  
  53. cat /etc/postfix/checks/reject_unknown_reverse_client_hostname
  54. /xxx\.xxx\.xxx\.xxx/    DUNNO       # whitelisted ip 1
  55. /xxx\.xxx\.xxx\.xxy/    DUNNO       # whitelisted ip 2
  56. /.*/            reject_unknown_reverse_client_hostname

Update the Post

Either update this post and resubmit it with changes, or make a new post.

You may also comment on this post.

update paste below
details of the post (optional)

Note: Only the paste content is required, though the following information can be useful to others.

Save name / title?

(space separated, optional)



Please note that information posted here will expire by default in one month. If you do not want it to expire, please set the expiry time above. If it is set to expire, web search engines will not be allowed to index it prior to it expiring. Items that are not marked to expire will be indexable by search engines. Be careful with your passwords. All illegal activities will be reported and any information will be handed over to the authorities, so be good.

comments powered by Disqus
worth-right