[PLUG] Postfix question

Linh Pham question+pdxlinux at closedsrc.org
Thu Feb 18 20:16:07 UTC 2021


This is what I have in my main.cf:

smtpd_client_restrictions =
        sleep 1
        reject_unauth_pipelining
        check_client_access cidr:/usr/local/etc/postfix/reject.cidr
        permit_sasl_authenticated
        permit_mynetworks
        check_client_access hash:/usr/local/etc/postfix/access
        check_client_access cidr:/usr/local/etc/postfix/cidr
#       reject_rbl_client 100.0.0.0.geobl.spamanalysis.org
        reject_rbl_client zen.spamhaus.org
        reject_rbl_client bl.mailspike.net
#       reject_rbl_client bl.spamcop.net
#       reject_rbl_client dnsbl.sorbs.net
#       reject_rbl_client psbl.surriel.com
#       reject_rbl_client ubl.unsubscore.com
        reject_invalid_hostname
        reject_unauth_destination
        permit

And, this is what I have for my Postfix files under
/usr/local/etc/postfix (Postfix 2.5.9 on FreeBSD 11.4):

drwxr-xr-x   4 root  wheel    1024 Feb 16 15:10 ./
drwxr-xr-x  18 root  wheel    1536 Jan 31 08:59 ../
-rw-r--r--   1 root  wheel     938 Feb  5  2019 access
-rw-r--r--   1 root  wheel   49152 Jan 31 09:10 access.db
-rw-r--r--   1 root  wheel     695 May  4  2015 aliases
-rw-r--r--   1 root  wheel   49152 Jan 31 09:10 aliases.db
-rw-r--r--   1 root  wheel    3547 Jan 31 09:06 bounce.cf.default
-rw-r--r--   1 root  wheel    3014 May 10  2020 cidr
-rw-r--r--   1 root  wheel   49152 Jan 31 09:10 cidr.db
-rw-r--r--   1 root  wheel    6500 May  3  2020 header_checks
-rw-r--r--   1 root  wheel   49152 Jan 31 09:10 header_checks.db
-rw-r--r--   1 root  wheel     482 Jul 31  2020 helo_access
-rw-r--r--   1 root  wheel   49152 Jan 31 09:10 helo_access.db
-rw-r--r--   1 root  wheel   26493 Jan 31 09:06 LICENSE
-rw-r--r--   1 root  wheel     138 May  4  2015 loginmaps
-rw-r--r--   1 root  wheel    5273 Feb 16 15:10 main.cf
-rw-r--r--   1 root  wheel    5827 May  6  2019 master.cf
-rw-r--r--   1 root  wheel    1221 Jun 30  2018 reject.cidr
-rw-r--r--   1 root  wheel   49152 Jan 31 09:10 reject.cidr.db
-rw-r--r--   1 root  wheel      83 Jul 31  2020 sender_access
-rw-r--r--   1 root  wheel   49152 Jan 31 09:10 sender_access.db
-rw-r--r--   1 root  wheel   75668 May  4  2015 sinokorea-reject.cidr
-rw-r--r--   1 root  wheel  180224 Jan 31 09:10 sinokorea-reject.cidr.db
-rw-r--r--   1 root  wheel    1629 Jan 31 09:06 TLS_LICENSE
-rw-r--r--   1 root  wheel       0 May  4  2015 transport
-rw-r--r--   1 root  wheel   49152 Jan 31 09:10 transport.db
drwxr-xr-x   2 root  wheel    1024 Jan 31 09:11 virtuals/

I've always had mapped files for access, cidr, etc. and have it wouldn't
pick up new entries until I updated the respective .db files by running
`postmap` on them.


On 2021-02-18 11:59 -0800, Rich Shepard <rshepard at appl-ecosys.com> wrote:

> On Thu, 18 Feb 2021, Linh Pham wrote:
> 
> > Postfix doesn't look at the CIDR file directly. Instead, you need to
> > convert the file into a lookup table file by running `postmap` against the
> > plain-text file.
> > See: http://www.postfix.org/cidr_table.5.html
> 
> Linh,
> 
> What that says is, "The  Postfix mail system uses optional lookup tables.
> These tables are usually in dbm or db format. Alternatively, lookup tables
> can be specified in CIDR (Classless Inter-Domain Routing) form. In this
> case, each input is compared against a list of patterns. When a match is
> found, the corresponding result is returned and the search is terminated."
> 
> Notice the second sentence.
> 
> In /etc/postfix/main.cf I have rows such as this;
> check_client_access cidr:/etc/postfix/cidr/spammers.cidr,
> 
> Other lookups are hashed; e.g., rhsbl_sender_exceptions and
> rhsbl_sender_exceptions.db.
> 
> Regards,
> 
> Rich
> 
> 
> _______________________________________________
> PLUG: https://pdxlinux.org
> PLUG mailing list
> PLUG at pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
> 

-- 
Linh Pham



More information about the PLUG mailing list