Whitelisting anhand der Absender Adresse
Josef Kranzer
kranzerj at gmail.com
Mi Feb 15 17:00:00 CET 2017
Hallo,
ich habe den Auftrag Mails von bestimmen Absendern immer zuzulassen.
Da ich bisher damit gescheitert bin meine Frage / Bitte ob ihr hier eine
Möglichkeit seht.
Dies muss unabhängig des Senden Mailserver und auch dann wenn der Absender
Server auf Blacklist steht oder der SPF die Mails ablehnen würde. Laut
meinen Test funktioniert die Whitelist hinter „check_client_access“ nur,
wenn ich dort die Daten des Absender Server eintrage.
Am liebsten wäre es mir natürlich wenn eine Lösung auch gleich den Amavis
check umgehen würde, und ich somit nur eine Whitlist pflege müsste 😊
Hier die Ausgabe von postconf -n
Unsere Domains und andere „persönliche“ Infos habe ich durch A ersetzt:
alias_database = hash:/etc/aliases
alias_maps = $alias_database
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = no
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
header_checks = regexp:/etc/postfix/lists/header_checks.regex
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps = unix:passwd.byname $alias_maps
hash:/etc/postfix/maps/local-recipient
mail_owner = postfix
mailbox_size_limit = 0
maximal_queue_lifetime = 4d
mydestination = mail1.AAAAAA.at, mail1, localhost
message_size_limit = 250000000
mydomain = mail1.AAAAAA.at
myhostname = mail1.AAAAAA.at
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
/etc/postfix/lists/mynetworks.lst
myorigin = $mydomain
policy-spf_time_limit = 3600s
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
relay_domains = /etc/postfix/lists/relay-domains.lst
relay_recipient_maps = hash:/etc/postfix/maps/valid_AA-local_recipients,
hash:/etc/postfix/maps/valid_AAA-local_recipients,
hash:/etc/postfix/maps/valid_AAAA-local_recipients,
hash:/etc/postfix/maps/valid_AAAAA-local_recipients,
hash:/etc/postfix/maps/valid_AAAAAA-at_recipients,
hash:/etc/postfix/maps/valid_wpus-AAAAAA-local_recipients,
hash:/etc/postfix/maps/valid_AAAAAAA-local_recipients,
hash:/etc/postfix/maps/valid_AAAAAAA_recipients,
hash:/etc/postfix/maps/valid_AAAAAA-at_recipients
hash:/etc/postfix/maps/valid_AAAAAAAAcom_recipients
hash:/etc/postfix/maps/valid_AAAAAAAAA_recipients
relayhost =
setgid_group = postdrop
smtp_helo_name = mail1.AAAAAA.at
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname Mail-Server - Hagenberg/Austria - ESMTP
$mail_name ($mail_version)
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname,
permit
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, hash:/etc/postfix/maps/access,
reject_unauth_destination, check_recipient_access
hash:/etc/postfix/whitelist_recipient, check_client_access
hash:/etc/postfix/rbl_whitelist, reject_invalid_hostname,
reject_unknown_sender_domain, reject_unknown_recipient_domain,
reject_non_fqdn_recipient, reject_unauth_pipelining, reject_rbl_client
ix.dnsbl.manitu.net, reject_rbl_client sbl.spamhaus.org, reject_rbl_client
cbl.abuseat.org check_policy_service unix:private/policy-spf
smtpd_sasl_auth_enable = no
smtpd_tls_CAfile = /etc/ssl/certs/STAR_AAAAAA_at.ca-bundle
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-star.AAAAAA.at.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-star.AAAAAA.at.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
soft_bounce = no
transport_maps = hash:/etc/postfix/maps/transport
unknown_local_recipient_reject_code = 450
virtual_alias_maps = hash:/etc/postfix/maps/virtual
Besten Dank
lg
-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: <http://de.postfix.org/pipermail/postfix-users/attachments/20170215/efdc6506/attachment.html>
Mehr Informationen über die Mailingliste postfix-users