From LedHed's Wiki
Jump to: navigation, search
Line 13: Line 13:
 
       reject_unauth_destination
 
       reject_unauth_destination
 
       reject_unlisted_recipient
 
       reject_unlisted_recipient
       check_client_access pcre:/etc/postfix/dspam-filter.cf
+
       check_client_access pcre:/etc/postfix/spam-filter.cf
 
<br>
 
<br>
  
 
''NOTE:'' '''''[http://www.postfix.org/postconf.5.html#smtpd_reject_unlisted_recipient reject_unlisted_recipient]''''' ''is the best thing since sliced bread!''<br>
 
''NOTE:'' '''''[http://www.postfix.org/postconf.5.html#smtpd_reject_unlisted_recipient reject_unlisted_recipient]''''' ''is the best thing since sliced bread!''<br>
 
It will reject mail where the recipient domain is listed in Virtual_Mailbox_Domains but the recipient is not listed in Virtual_Mailbox_Maps. You would think this goes without saying, but this isn't the default behavior. When in doubt add this line!
 
It will reject mail where the recipient domain is listed in Virtual_Mailbox_Domains but the recipient is not listed in Virtual_Mailbox_Maps. You would think this goes without saying, but this isn't the default behavior. When in doubt add this line!
 +
 +
 +
In the example [http://www.postfix.org/postconf.5.html#check_client_access check_client_access] call the file spam-filter.cf
 +
This is an example of what I call message routing (Not sure if this is really whats its called :) ). Basically any message that hasn't been accepted or rejected by the precious checks is then handled by check_client_access. This PCRE file contains
 +
 +
/./ FILTER lmtp:unix:/spamfilter.sock
 +
 +
/./ is a wildcard that will catch every message and in this case send it to spamfilter.sock
 +
 +
The result is that messages that are NOT sent from "mynetworks", are NOT "sasl_authenticated", have a "authorized destination", and have a "listed recipient" are then '''routed''' to the spam filter.
 +
 +
 +
  
 
[[Category:Postfix]]
 
[[Category:Postfix]]

Revision as of 21:15, 16 August 2006

These restrictions are useful for accepting, rejecting and even routing messages.

Reference: smtpd_recipient_restrictions in the postfix documentation

Example:

smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions =
      permit_mynetworks
      permit_sasl_authenticated
      reject_unauth_destination
      reject_unlisted_recipient
      check_client_access pcre:/etc/postfix/spam-filter.cf


NOTE: reject_unlisted_recipient is the best thing since sliced bread!
It will reject mail where the recipient domain is listed in Virtual_Mailbox_Domains but the recipient is not listed in Virtual_Mailbox_Maps. You would think this goes without saying, but this isn't the default behavior. When in doubt add this line!


In the example check_client_access call the file spam-filter.cf This is an example of what I call message routing (Not sure if this is really whats its called :) ). Basically any message that hasn't been accepted or rejected by the precious checks is then handled by check_client_access. This PCRE file contains

/./ FILTER lmtp:unix:/spamfilter.sock

/./ is a wildcard that will catch every message and in this case send it to spamfilter.sock

The result is that messages that are NOT sent from "mynetworks", are NOT "sasl_authenticated", have a "authorized destination", and have a "listed recipient" are then routed to the spam filter.