Whitelist rule for reject_rbl_client in Postfix?


Use check_client_access. Insert it before reject_rbl_client:

smtpd_client_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    check_client_access hash:/etc/postfix/rbl_override,
    reject_rbl_client zen.spamhaus.org,
    permit

Add in /etc/postfix/rbl_override

your.dynamic.dns OK

Don't forget to run postmap /etc/postfix/rbl_override

Detailed info: http://www.howtoforge.com/how-to-whitelist-hosts-ip-addresses-in-postfix
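
A hostname key in this table is compared with the client name Postfix derives from reverse DNS on the connecting address, not with a forward lookup of a dynamic DNS name. The following added example (Python, not part of the original answer and not Postfix code) models the lookup order documented in access(5) for an IPv4 client; the ISP hostname and the address are constructed sample values.

```python
# Added illustration: models the key order access(5) documents for
# check_client_access on an IPv4 client. It is not Postfix code.
import ipaddress


def candidate_keys(client_name, client_addr, parent_matches_subdomains=True):
    """Yield access-table keys in the order Postfix tries them."""
    ipaddress.IPv4Address(client_addr)  # raises ValueError on malformed input
    # Postfix uses the name "unknown" when the PTR lookup or its forward
    # confirmation fails; then only address keys can match.
    if client_name and client_name != "unknown":
        name = client_name.lower().rstrip(".")
        yield name
        labels = name.split(".")
        for i in range(1, len(labels)):
            parent = ".".join(labels[i:])
            # By default parent_domain_matches_subdomains includes
            # smtpd_access_maps, so "domain.tld" also covers subdomains;
            # otherwise the table needs ".domain.tld" keys.
            yield parent if parent_matches_subdomains else "." + parent
    octets = client_addr.split(".")
    for n in range(4, 0, -1):  # full address, then strip trailing octets
        yield ".".join(octets[:n])


def check_client_access(table, client_name, client_addr, **kw):
    """Return (matched_key, action); (None, 'DUNNO') means no match."""
    for key in candidate_keys(client_name, client_addr, **kw):
        if key in table:
            return key, table[key]
    return None, "DUNNO"


if __name__ == "__main__":
    override = {"your.dynamic.dns": "OK"}  # the answer's rbl_override entry
    # Constructed sample: PTR of the DSL address is an ISP-assigned name.
    print(check_client_access(override, "dsl-7.isp.example", "198.51.100.7"))
    # Only a client whose verified reverse name is the key itself matches.
    print(check_client_access(override, "your.dynamic.dns", "198.51.100.7"))
```

A DUNNO result means restriction evaluation continues to reject_rbl_client, so a client whose reverse name is ISP-assigned is still subject to the RBL check.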

Author: Laimoncijus

Updated on September 18, 2022

Comments

  • Laimoncijus
    Laimoncijus almost 2 years

    Is there a way to add an exclusion/whitelist rule (or similar) which would work against the reject_rbl_client behavior? I have a Postfix service running with the following client restrictions:

    smtpd_client_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_rbl_client zen.spamhaus.org,
        permit
    

    Now I want my Postfix to accept emails sent from my home server. The home server sits on a DSL connection, so the IP is always changing. Furthermore, the whole IP pool from my ISP is blacklisted in spamhaus.org, so it normally gets rejected because of reject_rbl_client zen.spamhaus.org. Would it be possible to configure Postfix with a rule so that emails arriving from some specific Dynamic DNS host (which always resolves to my current home IP) would not be rejected?

  • Laimoncijus
    Laimoncijus about 11 years
    I guess the problem with dynamic DNS is that the IP itself resolves to some other domain, assigned by my ISP, and not the my.dynamic.dns I am trying to use, so emails still get rejected...
  • Laurentiu Roescu
    Laurentiu Roescu about 11 years
    If your server sends my.dynamic.dns as HELO, you could replace check_client_access with check_helo_access. This is a little bit dangerous because this can be forged. One other option could be SASL authentication in the Postfix SMTP client; I think this would be the best solution.
  • Laimoncijus
    Laimoncijus about 11 years
    Thanks, I did end up using SASL authentication after all - a little bit more setup on the client side, but security is most important.