(4 intermediate revisions by the same user not shown) | |||
Line 14: | Line 14: | ||
reject_unlisted_recipient | reject_unlisted_recipient | ||
check_client_access pcre:/etc/postfix/spam-filter.cf | check_client_access pcre:/etc/postfix/spam-filter.cf | ||
− | |||
− | |||
− | |||
− | |||
+ | <br> | ||
+ | '''NOTES:''' | ||
+ | <br> | ||
+ | '''[http://www.postfix.org/postconf.5.html#smtpd_reject_unlisted_recipient reject_unlisted_recipient]''' ''The best thing since sliced bread!''<br> | ||
+ | It will reject mail where the recipient domain is listed in Virtual_Mailbox_Domains but the recipient is not listed in Virtual_Mailbox_Maps. You would think this goes without saying, but this isn't the default behavior. When in doubt add this line!<br> | ||
− | + | '''[http://www.postfix.org/postconf.5.html#check_client_access check_client_access]''' ''calls the file spam-filter.cf''<br> | |
− | This is an example of what I call message routing (Not sure if this is really whats its called :) ). Basically any message that hasn't been accepted or rejected by the | + | This is an example of what I call message routing (Not sure if this is really whats its called :) ). Basically any message that hasn't been accepted or rejected by the previous checks is then handled by check_client_access. The PCRE file (spam-filter.cf) contains: |
/./ FILTER lmtp:unix:/spamfilter.sock | /./ FILTER lmtp:unix:/spamfilter.sock | ||
Line 27: | Line 28: | ||
/./ is a wildcard that will catch every message and in this case send it to spamfilter.sock | /./ is a wildcard that will catch every message and in this case send it to spamfilter.sock | ||
− | The result is that messages that are NOT sent from "mynetworks", are NOT "sasl_authenticated", have a "authorized destination", and have a "listed recipient" are then '''routed''' to the spam filter. | + | The result is that messages that are NOT sent from within "mynetworks", are NOT "sasl_authenticated", have a "authorized destination", and have a "listed recipient" are then '''routed''' to the spam filter. |
Latest revision as of 21:25, 16 August 2006
These restrictions are useful for accepting, rejecting and even routing messages.
Reference: smtpd_recipient_restrictions in the postfix documentation
Example:
smtpd_sasl_auth_enable = yes broken_sasl_auth_clients = yes smtpd_sasl_security_options = noanonymous smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_unlisted_recipient check_client_access pcre:/etc/postfix/spam-filter.cf
NOTES:
reject_unlisted_recipient The best thing since sliced bread!
It will reject mail where the recipient domain is listed in Virtual_Mailbox_Domains but the recipient is not listed in Virtual_Mailbox_Maps. You would think this goes without saying, but this isn't the default behavior. When in doubt add this line!
check_client_access calls the file spam-filter.cf
This is an example of what I call message routing (Not sure if this is really whats its called :) ). Basically any message that hasn't been accepted or rejected by the previous checks is then handled by check_client_access. The PCRE file (spam-filter.cf) contains:
/./ FILTER lmtp:unix:/spamfilter.sock
/./ is a wildcard that will catch every message and in this case send it to spamfilter.sock
The result is that messages that are NOT sent from within "mynetworks", are NOT "sasl_authenticated", have a "authorized destination", and have a "listed recipient" are then routed to the spam filter.