[ILUG] postfix whitelist smtp servers
Ciaran Johnston
cj at nologic.org
Thu Feb 14 15:08:02 GMT 2008
Gavin McCullagh wrote:
> Hi,
>
> I'm looking to whitelist a few smtp servers which ours should accept mail
> from while blocking all others. We're using postfix.
>
> The first way I thought of was to use:
>
> smtpd_recipient_restrictions = ..., check_client_access
> hash:/etc/postfix/access, ...
>
> and then create the map with something like:
>
> w.x.y.z OK
> a.b.c.d OK
> ??? 401 try again later
>
> except that the ??? is the problem. I can't figure out how to specify all
> networks. A /8 is easy with eg. "127. " but to ban everyone would require
> 254 of those lines which can't be right.
I haven't tried it, but from access(5):
NOTE 3: use the cidr lookup table type to specify network/netmask
patterns. See cidr_table(5) for details.
And from cidr_table(5):
The general form of a Postfix CIDR table is:
network_address/network_mask result
When a search string matches the specified network block,
use the corresponding result value.
Specify 0.0.0.0/0 to match every IPv4 address, and ::/0 to
match every IPv6 address.
HTH,
Ciaran.
More information about the ILUG
mailing list