Hello and thanks in advance.

I want all email from public IPs/internet to bk...@example.com to be
rejected. The rules for restricting private IPs are working great thanks
to Sandy Drobic here and Mouss from the postfix mail list.

Now I need to stop all emails to users that begin with bk from the
internet but allow all others. For example, two users...
bk2000@example.com
bk1921680001@example.com

Here is how the system is set up.

 -----------------
|                 |        --- Internet --
|   Gateway Box   |  Internet public IP   |
|                 |-----------------------|
|   example.com   |  nic 1 example.com
|                 |  email users@example.com
|                 |
|                 |  Some users have bk1921680001@example.com
|                 |  which is the same as the machine
 -----------------   ip1921680001.local.example.com
        |            bk1921680001@local.example.com
        |            bk...@example.com not all users are machine
        |            related but start with bk
        |            bk..@192.168.0.1
        |
        |  nic's 2,3
        |  one 192.168.x.x
        |  local.example.com
        |
Many Systems using the entire 192.168.x.x space

Email from any 192.168.x.x for bk...@example.com stays on the server for
them to read/pick up, varies (working). What I want/need is for any email
from the internet/public IP to bk...@example.com to be rejected, while any
email from local.example.com or 192.168.x.x for bk...@example.com keeps
working as it does now.

So for DNS I have 64770 entries in local.example.com as follows:
--------------------------local.example.com-------------------------
$TTL 3600
@       IN  SOA example.example.com. root.example.example.com. (
                2007080401  ; Serial
                3600        ; Refresh
                1800        ; Retry
                2419200     ; Expire
                86400 )     ; Minimum
        IN  NS  example.example.com.
ip1921680001    IN  A   192.168.0.1
ip1921680002    IN  A   192.168.0.2
...
ip192168255253  IN  A   192.168.255.253
ip192168255254  IN  A   192.168.255.254
--------------------------local.example.com-------------------------
and rDNS
---------------------168.192.in-addr.arpa---------------------------
$TTL 3600
@       IN  SOA example.example.com. root.example.example.com. (
                2007081201  ; Serial
                3600        ; Refresh
                1800        ; Retry
                2419200     ; Expire
                86400 )     ; Minimum
        ; NS target needs the trailing dot, or it is taken relative to this zone
        IN  NS  example.example.com.
$GENERATE 1-254 0.$ IN PTR ip192168000$.local.hbboys.com.
...
$GENERATE 1-254 255.$ IN PTR ip192168255$.local.example.com.
---------------------168.192.in-addr.arpa---------------------------
so postconf -n will give for ...
masquerade_domains = example.com
mydestination = example.com,$myhostname,localhost.$mydomain,mail.example.com
myhostname = example.example.com
Thanks,
--
Boyd Gerber
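
One way to express the policy asked for above in Postfix, as an added example that is not part of the original post. The mynetworks value, the table path /etc/postfix/bk_internet_reject and the reject text are assumptions; the domain alternatives in the pattern mirror the mydestination line shown above.

```conf
# --- /etc/postfix/main.cf (fragment) ---
# Assumption: 192.168.0.0/16 covers every internal client; adjust to the site.
mynetworks = 127.0.0.0/8, 192.168.0.0/16

# Order matters: internal clients are accepted by permit_mynetworks before the
# bk table is consulted, so only clients outside mynetworks can reach REJECT.
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    check_recipient_access regexp:/etc/postfix/bk_internet_reject

# --- /etc/postfix/bk_internet_reject (regexp table, hypothetical path) ---
# Matches any local part that starts with "bk" (regexp tables are
# case-insensitive by default). Every name in mydestination is covered,
# otherwise bk2000@mail.example.com would still be accepted from outside.
/^bk[^@]*@((mail|example|localhost)\.)?example\.com$/  REJECT bk mailboxes accept internal mail only
```

The table can be checked without sending mail: `postmap -q "bk2000@example.com" regexp:/etc/postfix/bk_internet_reject` should print the REJECT action, and the same query for a non-bk address should print nothing.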