Postfix / Postini question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Quoting Feizhou <feizhou@xxxxxxxxxxxx>:

> Barry Brimer wrote:
> >
> > I have a mail server that handles several domains.  One of these domains
> has
> > decided to use Postini.  For those not familiar with Postini, you set your
> MX
> > records to use their mail servers.  They filter mail, and deliver you only
> the
> > clean virus/spam free mail.  The idea is to only allow incoming mail from
> their
> > mail servers so spammers are unable to send to your mail server directly.
> This
> > is fairly simple to do with standard restriction classes for a dedicated
> mail
> > server.  I am not sure how to accomplish this on a shared mail server.
> Ideally
> > I would like to instruct postfix to accept mail from anywhere for all
> domains
> > except one domain (the one using Postini) and only allow mail destined for
> that
> > specific domain to originate from Postini's mail servers.  Any ideas would
> be
> > greatly appreciated.
>
> check_recipient_access
> 		key		value
> 		postini-domain	postini-domain-restrictions
>
> smtpd-restrictions
> 	postini-domain-restrictions
>
> postini-domain-restrictons
> 	check_client_access
> 		key			value
> 		postini-ips/rdns	OK
> 	check_client_access
> 		key			value
> 		anything(regex/pcre)	REJECT

Thanks for your response.  For further clarification, my understanding of your
instructions are as follows.  Please correct any mistakes I have made.  My
domain will be example.com

1.  Add an additional line to my smtpd_recipient_restrictions that reads:

check_recipient_access hash:/etc/postfix/recipient_checks

The contents of this file should read

example.com        example.com-restrictions

Once completed, I run postmap against this file.

2.  I currently use smtpd_recipient_restrictions for my access control.  Can I
include the example.com-restrictions directive in my
smtpd_recipient_restrictions, or does it really belong in
smtpd_sender_restrictions?  Is there actually a plain smtpd_restrictions
directive I am missing?

3.  example.com-restrictions is referenced in smtpd_xxx_restrictions above.
If I understand correctly, I should add a line to my
main.cf above my smtpd_recipient_restrictions that says:

example.com-restrictions =
   check_client_access regexp:/etc/postfix/example.com-restrictions.regexp

The contents of this file should read:

name or ip of postini-allowed mail server1 OK
name or ip of postini-allowed mail server2 OK
name or ip of postini-allowed mail server3 OK
name or ip of postini-allowed mail server4 OK
/^.*/ REJECT

Thanks so much for your help, any input/correction/validation of this
information is greatly appreciated!

Thanks!
Barry

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux