Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

smtpd_restriction_classes works partially; need some help

Status
Not open for further replies.
pete2012

pete2012

Technical User
Jan 9, 2013
4
NL
Hi,
I have the following question:
- By default: All hosts should be able to mail to domain1.org, domain2.org, internaldomain.org and subdomains
- If the host(s) may_use_external_mail, they should be able to mail to other external addresses
If a mail doesn't match above requirements, it has to be rejected.

The configuration below works, but I have to list each host in /etc/postfix/policy_by_machines.
And that is not what I want. Can somebody help me ?

Code: 
smtpd_restriction_classes = may_use_external_mail, only_internal_mail

may_use_external_mail =
   permit

only_internal_mail =
   check_recipient_access hash:/etc/postfix/allowed_recipients
   reject

smtpd_client_restrictions =
   check_client_access hash:/etc/postfix/policy_by_machines 
   permit

smtpd_recipient_restrictions =
   permit_mynetworks
   reject_unauth_destination
   permit

cat /etc/postfix/allowed_recipients
@domain1.org
@domain2.org

cat /etc/postfix/policy_by_machines 
workstation1.internal.domain       may_use_external_mail
workstation2.internal.domain       only_internal_mail
 
Sort by date Sort by votes
Code: 
of course the last line must be:
cat /etc/postfix/allowed_recipients
@domain1.org OK
@domain2.org OK
 
Upvote 0 Downvote
Well I already fixed it. Hope anyone can use it.
Code: 
relay_domains = $mydestination, hash:/etc/postfix/relay_domains
smtpd_helo_required = yes
smtpd_restriction_classes = may_use_external_mail
may_use_external_mail = permit
smtpd_client_restrictions =
   check_client_access hash:/etc/postfix/hosts_may_use_external_mail,
   reject_unauth_destination
   reject_invalid_hostname,
   reject_non_fqdn_hostname,
   reject_non_fqdn_sender,
   reject_non_fqdn_recipient,
   reject_unknown_hostname
 
Upvote 0 Downvote
Simpler and finally working:
Code: 
relay_domains = $mydestination, hash:/etc/postfix/relay_domains

smtpd_restriction_classes =
   may_use_external_mail

may_use_external_mail =
   permit

smtpd_recipient_restrictions =
   check_client_access hash:/etc/postfix/hosts_may_use_external_mail
   reject_unauth_destination
   permit
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

litchi
  • Locked
  • Question
SMTP issue need urgent help
Replies
0
Views
309
litchi
litchi
7xja
  • Locked
  • Question
Some problems on Postfix 3.6
Replies
0
Views
327
7xja
7xja
alexk345
  • Locked
  • Question
I need a way to block outgoing recipients using Mysql - Postfix / Postmap
Replies
1
Views
332
alexk345
alexk345
Multisites
  • Locked
  • Question
Need to Understand the real differences
Replies
2
Views
113
Multisites
Multisites
Armin Tangelder
  • Locked
  • Question
close to desperation Postfix/Dovecot everything BUT sending mail works.
Replies
1
Views
173
Armin Tangelder
Armin Tangelder

Part and Inventory Search

Sponsor

Back
Top