Prev: Am I really using a CIDR map?
Next: Pop-Before-Smtp let spam through Answered More on Firewall withpostfix?
From: Dimitrios Karapiperis on 6 Apr 2010 15:25
Hi there!

I am using Postfix 2.6 along with GNU Mailman for mailing lists.
My question is
if there is any way to relay e-mails with sender (MAIL FROM) of defined
domain names (eg. x(a)domain.tld) originated by a predefined set of ip
addresses
and reject all the others that originate from other ip addresses.


thanks in advance
Dimitrios

From: mouss on 6 Apr 2010 16:25
Dimitrios Karapiperis a écrit :
> Hi there!
>
> I am using Postfix 2.6 along with GNU Mailman for mailing lists.
> My question is
> if there is any way to relay e-mails with sender (MAIL FROM) of defined
> domain names (eg. x(a)domain.tld) originated by a predefined set of ip
> addresses
> and reject all the others that originate from other ip addresses.
>

your question is unclear. you may want to show an example.

do you mean that
- if mail comes "from" x(a)domain.tld, then
- if IP is in some set, then it's ok
- else reject

if so, then create a restriction class,

smtpd_restriction_class =
...
dont_foo


dont_foo =
check_client_access cidr:/etc/postfix/foo_ok
reject

smtpd_sender_restrictions =
check_sender_acces hash:/etc/postfix/foo_sender


== foo_sender:
joe(a)example.com dont_foo

From: Dimitrios Karapiperis on 7 Apr 2010 02:19
O/H mouss έγραψε:
> Dimitrios Karapiperis a écrit :
>
>> Hi there!
>>
>> I am using Postfix 2.6 along with GNU Mailman for mailing lists.
>> My question is
>> if there is any way to relay e-mails with sender (MAIL FROM) of defined
>> domain names (eg. x(a)domain.tld) originated by a predefined set of ip
>> addresses
>> and reject all the others that originate from other ip addresses.
>>
>>
>
> your question is unclear. you may want to show an example.
>
> do you mean that
> - if mail comes "from" x(a)domain.tld, then
> - if IP is in some set, then it's ok
> - else reject
>
> if so, then create a restriction class,
>
> smtpd_restriction_class =
> ...
> dont_foo
>
>
> dont_foo =
> check_client_access cidr:/etc/postfix/foo_ok
> reject
>
> smtpd_sender_restrictions =
> check_sender_acces hash:/etc/postfix/foo_sender
>
>
> == foo_sender:
> joe(a)example.com dont_foo
>
>


Hi
I mean exactly this.
If mail comes from @domain.tld from a predefined set of ips then relay
else if mail comes from @domain.tld from other ips then reject.

For other domains should still function regardless of ips.

 | 
Pages: 1
Prev: Am I really using a CIDR map?
Next: Pop-Before-Smtp let spam through Answered More on Firewall withpostfix?