Hi,
Before I kick myglasses to the dust bin and go have my eyes checked can
someone point where I am misreading.
I am using SuSE 8.2 with postfix version postfix-2.0.6-8. There are
some users that their IP addreses do not resolve to a domain name yet
nevertheless I want to permit them to send mail. Hence I have added
them to the /etc/postfix/access file and generated the db with postmap
command.
Yet still they are unable to send mail as postfix rejects them
Nov 27 07:44:33 gardiyan postfix/smtpd[28376]: 478F6597E9: reject: RCPT
from unknown[21x.xxx.xxx.xxx]: 450 Client host rejected: cannot find
your hostname, [2xx.xxx.xxx.xxx]; from=
--- Togan Muftuoglu
I am using SuSE 8.2 with postfix version postfix-2.0.6-8. There are some users that their IP addreses do not resolve to a domain name yet nevertheless I want to permit them to send mail. Hence I have added them to the /etc/postfix/access file and generated the db with postmap command.
Yet still they are unable to send mail as postfix rejects them
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client relays.ordb.org, reject_rbl_client sbl.s pamhaus.org, reject_unknown_client
Try removing "reject_unknown_client" from smtpd_client_restrictions and then see what happens. ______________________________________________________________________ Post your free ad now! http://personals.yahoo.ca
* Rajesh Saxena;
Yet still they are unable to send mail as postfix rejects them
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client relays.ordb.org, reject_rbl_client sbl.s pamhaus.org, reject_unknown_client
Try removing "reject_unknown_client" from smtpd_client_restrictions and then see what happens.
Then what is the use of /etc/postfix/access file, I only want to accept mails from those problematic ones when I place an OK for them in the /etc/postfix/access -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://susefaq.sf.net
--- Togan Muftuoglu
* Rajesh Saxena;
on 27 Nov, 2003 wrote: Try removing "reject_unknown_client" from smtpd_client_restrictions and then see what happens.
Then what is the use of /etc/postfix/access file, I only want to accept mails from those problematic ones when I place an OK for them in the /etc/postfix/access
Using reject_unknown_client implies you don't want to accept mail from servers which don't have reverse dns setup ie. their ip address does not resolve to their hostname. Use this option local_recipient_maps to point to users who you want to accept mail for. I'm assuming you aren't using virtual domains. ______________________________________________________________________ Post your free ad now! http://personals.yahoo.ca
* Rajesh Saxena;
Then what is the use of /etc/postfix/access file, I only want to accept mails from those problematic ones when I place an OK for them in the /etc/postfix/access
Using reject_unknown_client implies you don't want to accept mail from servers which don't have reverse dns setup ie. their ip address does not resolve to their hostname. Use this option local_recipient_maps to point to users who you want to accept mail for. I'm assuming you aren't using virtual domains.
Yes exactly, no PTR setup no mail. Since this setup is just a mail hub it just gets the mail from the internet and delivers to the internal server so there are no actual users other then "fwadmin" so local_recipient_maps is not an option. So I am still missing the obvious. Hmm maybe I should stop learning German and play with my boxes. ps: just send the mail to the list it is easier do not put me on the TO or CC please Thanks -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://susefaq.sf.net
--- Togan Muftuoglu
Try removing "reject_unknown_client" from smtpd_client_restrictions and then see what happens.
Then what is the use of /etc/postfix/access file, I only want to accept mails from those problematic ones when I place an OK for them in the /etc/postfix/access
Sorry I realised once I sent the last email that I misread your first post. Include hash:/etc/postfix/access somewhere before reject_unknown_client in the smtpd_client_restrictions section. ______________________________________________________________________ Post your free ad now! http://personals.yahoo.ca
* Rajesh Saxena;
--- Togan Muftuoglu
wrote: > * Rajesh Saxena; on 27 Nov, 2003 wrote: Try removing "reject_unknown_client" from smtpd_client_restrictions and then see what happens.
Then what is the use of /etc/postfix/access file, I only want to accept mails from those problematic ones when I place an OK for them in the /etc/postfix/access
Sorry I realised once I sent the last email that I misread your first post. Include hash:/etc/postfix/access somewhere before reject_unknown_client in the smtpd_client_restrictions section.
Good timing as I just found it the same thing http://www.mengwong.com/misc/postfix-uce-guide.txt Restriction classes are evaluated in the natural order of an RFC821 transaction: client, helo, sender, recipient. Its interesting before posting the mail I read this paper atleast ten times looks like maybe I need reading glasses as well. On the other hand maybe SuSEconfig.postfix should have handled this. I'll see with 9.0 and if it is same as 8.2 I will put it on the bugzilla. Thanks for the help -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://susefaq.sf.net
--- Togan Muftuoglu
Good timing as I just found it the same thing
http://www.mengwong.com/misc/postfix-uce-guide.txt
Thanks for the help
No prob. here is another one: http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt ______________________________________________________________________ Post your free ad now! http://personals.yahoo.ca
* Togan Muftuoglu;
Sorry I realised once I sent the last email that I misread your first post. Include hash:/etc/postfix/access somewhere before reject_unknown_client in the smtpd_client_restrictions section.
Good timing as I just found it the same thing
http://www.mengwong.com/misc/postfix-uce-guide.txt
Restriction classes are evaluated in the natural order of an RFC821 transaction: client, helo, sender, recipient.
Its interesting before posting the mail I read this paper atleast ten times looks like maybe I need reading glasses as well. On the other hand maybe SuSEconfig.postfix should have handled this. I'll see with 9.0 and if it is same as 8.2 I will put it on the bugzilla.
No it does not work
toganm@shark:~> sudo /usr/sbin/postconf -h smtpd_client_restrictions
permit_sasl_authenticated, permit_mynetworks, hash:/etc/postfix/access,
reject_rbl_client relays.ordb.org, reject_rbl_client sbl.spamhaus.org,
reject_unknown_client
toganm@shark:~> sudo /usr/sbin/postconf -h smtpd_sender_restrictions
hash:/etc/postfix/access, reject_unknown_sender_domain
CCF1B597E9: reject: RCPT from unknown[2xx.xx.xx.xx]: 450 Client host
rejected: cannot find your hostname, [xxx.xx.xx.xx];
from=
participants (2)
-
Rajesh Saxena
-
Togan Muftuoglu