Boyd Lynn Gerber wrote:
On Thu, 23 Aug 2007, Sandy Drobic wrote:
Looks like scrambled eggs. (^-^)
Sadly, yes
A restriction class in Postfix is meant to combine two different checks. I still don't really know what exactly you want to restrict.
Do you mean that you want to restrict all CLIENTS in 192.168.0.0/16 to send only to local domains?
Yes, 192.168.0.0/16 only can send between 192.168.0.0/16
In that case you would use something like this:
smtpd_restriction_classes = local_only local_only = reject_unlisted_recipient permit_auth_destination
My bad... local_only = reject_unlisted_recipient permit_auth_destination reject
smtpd_recipient_restrictions = check_client_access cidr:/etc/postfix/clients_local_only permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
/etc/postfix/clients_local_only: 192.168.0.0/16 local_only
That is what I have now, but they can send outside of 192.168.x.x The access file I have modified to also have the local_only This is my main.cf file.
No wonder, I forgot to add "reject" at the end of the restriction class. This will reject all mails to domains for which your server is not responsible, in other words, no relaying allowed. While it is possible to check the MX for a domain (check_recipient_mx_access), for security reasons you can't use "OK" as result for such a check. But "permit_auth_destination" should do the trick.
----------------------------------Main.cf-------------------------------
Better send the output of "postconf -n", it is much more readable. -- Sandy List replies only please! Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org