[Postfixbuch-users] whitelist von body_checks

Thomas Klein mailinglist-postfixbuch at online.de
Fr Jun 11 01:03:45 CEST 2010


Hallo zusammen,

ich verwende body_checks auf einem Postfix-Server. Allerdings möchte ich 
eine Absenderdomain whitelisten (die GL wünscht das so). Ich habe in 
hash:/etc/postfix/pub_sender_access_permit und 
hash:/etc/postfix/pub_client_access_permit schon ein bißchen 
whitelisting betrieben, was aber nur für die 
smtpd_recipient_restrictions greift, nicht für die body_checks.

Gibt es dafür trotzdem eine Möglichkeit, bestimmte Mailadressen bzw. 
Domänen von body_checks auszunehmen?

postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
body_checks = pcre:/etc/postfix/pub_body_checks_pcre
body_checks_size_limit = 512000
config_directory = /etc/postfix
header_checks = pcre:/etc/postfix/header_checks
mailbox_command =
mailbox_size_limit = 0
message_size_limit = 20000000
mydestination = $mydomains, localhost.$mydomain
myhostname = mx.domain.de
mynetworks = 127.0.0.0/8, 192.168.92.2
myorigin = $mydomain
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
recipient_delimiter = +
relay_domains = domain.de
relay_recipient_maps = hash:/etc/postfix/relay_recipients
smtpd_banner = $myhostname ESMTP
smtpd_helo_required = yes
smtpd_proxy_timeout = 300s
smtpd_recipient_restrictions = reject_non_fqdn_sender   
reject_non_fqdn_recipient       permit_mynetworks       
permit_sasl_authenticated   reject_unauth_destination        
reject_unlisted_recipient        check_sender_access 
hash:/etc/postfix/pub_sender_access_permit        check_client_access 
hash:/etc/postfix/pub_client_access_permit        
reject_invalid_hostname reject_non_fqdn_hostname        
check_sender_access hash:/etc/postfix/pub_sender_access_reject       
check_sender_access hash:/etc/postfix/sender_access             
check_client_access pcre:/etc/postfix/pub_client_access_reject_pcre  
reject_unknown_sender_domain    check_policy_service 
inet:127.0.0.1:12525       warn_if_reject check_client_access 
pcre:/etc/postfix/dynip        warn_if_reject reject_unknown_client
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
transport_maps = hash:/etc/postfix/transport
transport_retry_time = 180
unknown_client_reject_code = 550

Danke & Gruß
Thomas




Mehr Informationen über die Mailingliste Postfixbuch-users