Christian Bricart schrieb:
restriction_classes = greylist, rblcheck
Das heist aber doch smtpd_restriction_classes
smtpd_restriction_classes (default: empty) User-defined aliases for groups of access restrictions. The aliases can be specified in smtpd_recipient_restrictions etc., and on the right-hand side of a Postfix access(5) table.
One major application is for implementing per-recipient UCE control. See the RESTRICTION_CLASS_README document for other examples
>>>>>http://www.postfix.org/RESTRICTION_CLASS_README.html<<<<<<<<<<<<<<<<
greylist = check_recipient_access = hash:/path/whitelist check_access = hash:/path/whitelist check_policy_service inet:127.0.0.1:4711
rblcheck = reject_rbl_client ix.dnsbl.manitu.net reject_rbl_client zen.spamhaus.org
smtpd_recipient_restrictions = .. check_recipient_access hash:/path/restrictions ..
würde das (vor allem das erste) gehen..? oder irgendwie anders?
Protecting internal email distribution lists We want to implement an internal email distribution list. Something like all@our.domain.com, which aliases to all employees. My first thought was to use the aliases map, but that would lead to "all" being accessible from the "outside", and this is not desired... :-)
Postfix can implement per-address access controls. What follows is based on the SMTP client IP address, and therefore is subject to IP spoofing.
/etc/postfix/main.cf: smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/access ...the usual stuff...
/etc/postfix/access: all@my.domain permit_mynetworks,reject all@my.hostname permit_mynetworks,reject Specify dbm instead of hash if your system uses dbm files instead of db files. To find out what map types Postfix supports, use the command postconf -m.
# /path/restrictions: example.net greylist, rblcheck example.com greylist example.de rblcheck
Mit freundlichen Grüßen
Drießen