Prev: Restrictions on localhost
Next: how to deny mail from specific domain
From: Stefan Palme on 14 Feb 2010 13:26
Hi,

I guess I'm just temporarily blind, but I can't find a solution.
I have a smtpd_recipient_restriction like this:

..., check_recipient_access hash:/etc/postfix/recipients, permit

with /etc/postfix/recipients:
user1(a)example.com REJECT don't use this!
user2(a)example.net DEFER some other reason
.. REJECT rejected for testing purposes

(This is just for some tests, so don't mind about how useful
this may be ;-)

The last entry in this file seems not to work - all recipient
addresses (except user1(a)example.com and user2(a)example.net) fall
through this test, so that the next rule in recipient_restrictions
("permit") applies to them.

Is there a way to define a kind of "fallback lookup pattern"?

[Some background information: this "recipients" file will later
be converted into an LDAP lookup. For this reason, the following
will NOT be a solution for me:

smtpd_recipient_restrictions =
...,
check_recipient_access ldap:/etc/postfix/recipients.cf,
reject rejected for testing purposes,

Because the person with access to the LDAP tree containing the
recipients information must also be able to define the default
behaviour for all the not explicitly specified recipient addresses].

Regards
-stefan-

From: Ralf Hildebrandt on 14 Feb 2010 13:40
* Stefan Palme <kleiner(a)hora-obscura.de>:
> Hi,
>
> I guess I'm just temporarily blind, but I can't find a solution.
> I have a smtpd_recipient_restriction like this:
>
> ..., check_recipient_access hash:/etc/postfix/recipients, permit

check_recipient_access hash:/etc/postfix/recipients
check_recipient_access pcre:/etc/postfix/recipients_default

// REJECT rejected for testing purposes

--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebrandt(a)charite.de | http://www.charite.de


From: Stefan Palme on 14 Feb 2010 13:42

> check_recipient_access hash:/etc/postfix/recipients
> check_recipient_access pcre:/etc/postfix/recipients_default
>
> // REJECT rejected for testing purposes

Thanks for the hint. But the content of "recipients_default" must
also be stored in LDAP (because some admin with LDAP access privileges
will define the default behaviour), so I can not use regular expression
lookups, but only the lookups as defined by the access(5) syntax.

-stefan-

From: Wietse Venema on 14 Feb 2010 13:52
Stefan Palme:
> Hi,
>
> I guess I'm just temporarily blind, but I can't find a solution.
> I have a smtpd_recipient_restriction like this:
>
> ..., check_recipient_access hash:/etc/postfix/recipients, permit

/etc/postfix/main.cf:
...
check_recipient_access hash:/etc/postfix/recipients
regexp:/etc/postfix/recipients.pcre
...

/etc/postfix/recipients.pcre:
/./ whatever

Wietse

From: Geert Hendrickx on 14 Feb 2010 14:07
On Sun, Feb 14, 2010 at 07:42:58PM +0100, Stefan Palme wrote:
>
> > check_recipient_access hash:/etc/postfix/recipients
> > check_recipient_access pcre:/etc/postfix/recipients_default
> >
> > // REJECT rejected for testing purposes
>
> Thanks for the hint. But the content of "recipients_default" must also be
> stored in LDAP (because some admin with LDAP access privileges will
> define the default behaviour), so I can not use regular expression
> lookups, but only the lookups as defined by the access(5) syntax.



If all recipients are in the same domain, you can specify a catch-all
address with the domain-default action:


user1(a)example.com action1
user2(a)example.com action2
@example.com REJECT foobar


Geert



--
Geert Hendrickx -=- ghen(a)telenet.be -=- PGP: 0xC4BB9E9F
This e-mail was composed using 100% recycled spam messages!

 |  Next  |  Last
Pages: 1 2 3
Prev: Restrictions on localhost
Next: how to deny mail from specific domain