Facebook
Twitter
R
ramuva
Guest
I've posted this in troubleshooting forum, but double posting here:
Right now default settings for postfix in main.cf are:
----------------
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_client_restrictions = reject_rbl_client
----------------
there reject_rbl_client should not be in here at all the directive is empty. And it should be appended to the end of the string, not prepended. why it should be done was discussed in this thread:
http://forum.parallels.com/showthread.php?t=87605
permit_mynetworks, permit_sasl_authenticated should be moved from recipients restrictions to client restrictions.
smtp_client restrictions are checked before smtpd_recipients restrictions. If one of the clients is a mobile one, who connects from all around the places, chances are that sooner than later he will connect from address which is blacklists and server will reject any mail from him.
The suggested settings would be:
-------------------------------
smtpd_recipient_restrictions = reject_unauth_destination
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated [, reject_rbl_client if any]
-------------------------------
This ways we accept and relay mail for our authenticated clients even if they connect from blacklisted addresses.
Right now default settings for postfix in main.cf are:
----------------
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_client_restrictions = reject_rbl_client
----------------
there reject_rbl_client should not be in here at all the directive is empty. And it should be appended to the end of the string, not prepended. why it should be done was discussed in this thread:
http://forum.parallels.com/showthread.php?t=87605
permit_mynetworks, permit_sasl_authenticated should be moved from recipients restrictions to client restrictions.
smtp_client restrictions are checked before smtpd_recipients restrictions. If one of the clients is a mobile one, who connects from all around the places, chances are that sooner than later he will connect from address which is blacklists and server will reject any mail from him.
The suggested settings would be:
-------------------------------
smtpd_recipient_restrictions = reject_unauth_destination
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated [, reject_rbl_client if any]
-------------------------------
This ways we accept and relay mail for our authenticated clients even if they connect from blacklisted addresses.
