Boyd Lynn Gerber wrote:
Hello,
I have a complete forward and reverse DNS setup for local.domain.com and I am trying to restrict all 192.168.x.x addresses. I am using in main.cf
smtpd_restriction_classes = local_only local_only = check_recipient_access hash:/etc/postfix/local_only, reject smtpd_sender_restrictions = hash:/etc/postfix/access smtpd_client_restrictions = smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders, permit_sasl_authenticated,permit_mynetworks,check_relay_domains
and local_only has all 64770 entries below.
192.168.0.1 OK 192.168.0.2 OK ... 192.168.255.253 OK 192.168.255.254 OK
Looks like scrambled eggs. (^-^) A restriction class in Postfix is meant to combine two different checks. I still don't really know what exactly you want to restrict. Do you mean that you want to restrict all CLIENTS in 192.168.0.0/16 to send only to local domains? In that case you would use something like this: smtpd_restriction_classes = local_only local_only = reject_unlisted_recipient permit_auth_destination smtpd_recipient_restrictions = check_client_access cidr:/etc/postfix/clients_local_only permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination .... /etc/postfix/clients_local_only: 192.168.0.0/16 local_only The check_client_access MUST NOT return OK because that would allow the client to relay (in the order of checks it appears before reject_unauth_destination can restrict the destination). -- Sandy List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org