Post by Wietse VenemaYes, I left the typo in place to demonstrate that it really came
from this access rule.
Ok, but here this doesn't work:
220 rubicon.darkman.de ESMTP Postfix
EHLO bla
250-rubicon.darkman.de
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250 8BITMIME
MAIL FROM:<***@taal.net>
250 Ok
RCPT TO:<***@darkman.de>
250 Ok
now i debug'ed the session:
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: generic_checks:
name=check_helo_access status=0
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: generic_checks:
name=check_sender_mx_access
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: check_server_access: MX
***@taal.net
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: dns_query: taal.net (MX): OK
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: dns_get_answer: type MX for
taal.net
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: warning: Unable to look up
MX host dev.null for Sender address ***@taal.net: Name or service not known
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: generic_checks:
name=check_sender_mx_access status=0
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: generic_checks:
name=check_sender_mx_access
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: check_server_access: MX
***@taal.net
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: dns_query: taal.net (MX): OK
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: dns_get_answer: type MX for
taal.net
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: warning: Unable to look up
MX host dev.null for Sender address ***@taal.net: Name or service not known
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: generic_checks:
name=check_sender_mx_access status=0
Oct 17 19:10:59 rubicon postfix/smtpd[1187]: >>> END Recipient address
RESTRICTIONS <<<
smtpd_recipient_restrictions:
smtpd_recipient_restrictions =
permit_mynetworks,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_authenticated_sender_login_mismatch,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
check_helo_access hash:/etc/postfix/helo_access_maps,
check_sender_mx_access hash:/etc/postfix/mx_access,
check_sender_mx_access cidr:/etc/postfix/mx_access.cidr
content of /etc/postfix/mx_access:
64.94.110.11 reject sender domain matches verisign wild-card
dev.null reject invalid mx record
- -> no go.
mail_version = 2.1.5
Any Idea?
Thanks!
Sven