[PLUG] Postfix question
Linh Pham
question+pdxlinux at closedsrc.org
Thu Feb 18 20:16:07 UTC 2021
This is what I have in my main.cf:
smtpd_client_restrictions =
sleep 1
reject_unauth_pipelining
check_client_access cidr:/usr/local/etc/postfix/reject.cidr
permit_sasl_authenticated
permit_mynetworks
check_client_access hash:/usr/local/etc/postfix/access
check_client_access cidr:/usr/local/etc/postfix/cidr
# reject_rbl_client 100.0.0.0.geobl.spamanalysis.org
reject_rbl_client zen.spamhaus.org
reject_rbl_client bl.mailspike.net
# reject_rbl_client bl.spamcop.net
# reject_rbl_client dnsbl.sorbs.net
# reject_rbl_client psbl.surriel.com
# reject_rbl_client ubl.unsubscore.com
reject_invalid_hostname
reject_unauth_destination
permit
And, this is what I have for my Postfix files under
/usr/local/etc/postfix (Postfix 2.5.9 on FreeBSD 11.4):
drwxr-xr-x 4 root wheel 1024 Feb 16 15:10 ./
drwxr-xr-x 18 root wheel 1536 Jan 31 08:59 ../
-rw-r--r-- 1 root wheel 938 Feb 5 2019 access
-rw-r--r-- 1 root wheel 49152 Jan 31 09:10 access.db
-rw-r--r-- 1 root wheel 695 May 4 2015 aliases
-rw-r--r-- 1 root wheel 49152 Jan 31 09:10 aliases.db
-rw-r--r-- 1 root wheel 3547 Jan 31 09:06 bounce.cf.default
-rw-r--r-- 1 root wheel 3014 May 10 2020 cidr
-rw-r--r-- 1 root wheel 49152 Jan 31 09:10 cidr.db
-rw-r--r-- 1 root wheel 6500 May 3 2020 header_checks
-rw-r--r-- 1 root wheel 49152 Jan 31 09:10 header_checks.db
-rw-r--r-- 1 root wheel 482 Jul 31 2020 helo_access
-rw-r--r-- 1 root wheel 49152 Jan 31 09:10 helo_access.db
-rw-r--r-- 1 root wheel 26493 Jan 31 09:06 LICENSE
-rw-r--r-- 1 root wheel 138 May 4 2015 loginmaps
-rw-r--r-- 1 root wheel 5273 Feb 16 15:10 main.cf
-rw-r--r-- 1 root wheel 5827 May 6 2019 master.cf
-rw-r--r-- 1 root wheel 1221 Jun 30 2018 reject.cidr
-rw-r--r-- 1 root wheel 49152 Jan 31 09:10 reject.cidr.db
-rw-r--r-- 1 root wheel 83 Jul 31 2020 sender_access
-rw-r--r-- 1 root wheel 49152 Jan 31 09:10 sender_access.db
-rw-r--r-- 1 root wheel 75668 May 4 2015 sinokorea-reject.cidr
-rw-r--r-- 1 root wheel 180224 Jan 31 09:10 sinokorea-reject.cidr.db
-rw-r--r-- 1 root wheel 1629 Jan 31 09:06 TLS_LICENSE
-rw-r--r-- 1 root wheel 0 May 4 2015 transport
-rw-r--r-- 1 root wheel 49152 Jan 31 09:10 transport.db
drwxr-xr-x 2 root wheel 1024 Jan 31 09:11 virtuals/
I've always had mapped files for access, cidr, etc. and have it wouldn't
pick up new entries until I updated the respective .db files by running
`postmap` on them.
On 2021-02-18 11:59 -0800, Rich Shepard <rshepard at appl-ecosys.com> wrote:
> On Thu, 18 Feb 2021, Linh Pham wrote:
>
> > Postfix doesn't look at the CIDR file directly. Instead, you need to
> > convert the file into a lookup table file by running `postmap` against the
> > plain-text file.
> > See: http://www.postfix.org/cidr_table.5.html
>
> Linh,
>
> What that says is, "The Postfix mail system uses optional lookup tables.
> These tables are usually in dbm or db format. Alternatively, lookup tables
> can be specified in CIDR (Classless Inter-Domain Routing) form. In this
> case, each input is compared against a list of patterns. When a match is
> found, the corresponding result is returned and the search is terminated."
>
> Notice the second sentence.
>
> In /etc/postfix/main.cf I have rows such as this;
> check_client_access cidr:/etc/postfix/cidr/spammers.cidr,
>
> Other lookups are hashed; e.g., rhsbl_sender_exceptions and
> rhsbl_sender_exceptions.db.
>
> Regards,
>
> Rich
>
>
> _______________________________________________
> PLUG: https://pdxlinux.org
> PLUG mailing list
> PLUG at pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
--
Linh Pham
More information about the PLUG
mailing list