![](https://seccdn.libravatar.org/avatar/e45393039687a3562c69d145e19a16ab.jpg?s=120&d=mm&r=g)
Hello and thanks in advance. I want all email from public IP's/internet to bk...@example.com to be rejected. The rules for restricting private IP's are working great thanks to Sandy Drobic here and Mouss from the postfix mail list. Now I need to stop all emails to users that begin with bk from the internet but allow all other's. For example of two users... bk2000@example.com bk1921680001@example.com Here is how the system is setup. ----------------- | | --- Internet-- | Gateway Box | Internet public IP | | |-----------------------| | example.com | nic 1 example.com | | email users@example.com | | | | Some users have bk1921680001@example.com | | which is the same as the machine ---------------- ip1921680001.local.example.com | bk1921680001@local.example.com | bk...@example.com not all users are machine | related but start with bk | bk..@192.168.0.1 | | nic's 2,3 | one 192.168.x.x | local.example.com | Many Systems using the entire 192.168.x.x space Email from any 192.168.x.x for bk...@example.com stays on the server for them to read/pickup varies(working). What I want/need is any email from the internet/Public IP to bk...@example.com to be rejected and keep working any email from local.example.com or 192.168.x.x for bk...@example.com. As it is now. So for DNS I have 64770 entries in local.example.com as follows: --------------------------local.example.com------------------------- $TTL 3600 @ IN SOA example.example.com. root.example.example.com.( 2007080401 ; Serial 3600 ; Refresh 1800 ; Retry 2419200 ; Expire 86400 ) ; Minimum IN NS example.example.com. ip1921680001 IN A 192.168.0.1 ip1921680002 IN A 192.168.0.2 ... ip192168255253 IN A 192.168.255.253 ip192168255254 IN A 192.168.255.254 --------------------------local.example.com------------------------- and rDNS ---------------------168.192.in-addr.arpa--------------------------- $TTL 3600 @ IN SOA example.example.com. root.example.example.com. ( 2007081201 ; Serial 3600 ; Refresh 1800 ; Retry 2419200 ; Expire 86400 ) ; Minimum IN NS example.example.com $GENERATE 1-254 0.$ IN PTR ip192168000$.local.hbboys.com. ... $GENERATE 1-254 255.$ IN PTR ip192168255$.local.example.com. ---------------------168.192.in-addr.arpa--------------------------- so postconf -n will give for ... masquerade_domains = example.com mydestination = example.com,$myhostname,localhost.$mydomain,mail.example.com myhostname = example.example.com Thanks, -- Boyd Gerber <gerberb@zenez.com> ZENEZ 1042 East Fort Union #135, Midvale Utah 84047 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org