Kay Diederichs
<Kay.Diederichs(a)gmx.de> wrote:
I found that
To:gmail.com REJECT
(with one or multiple tabs where the blank appears in the line above)
seems to work well when appended to /etc/mail/access which is used by
sendmail on my CentOS-5.5 machine. Nota bene: only wikis are on this
machine, so it's ok to not confirm account creation to gmail users -
they can be told to subscribe with different emails.
I have not yet been able to find out why on my SL-6 machines
gmail.com REJECT
as the last line /etc/postfix/access does not seem to work - at least I
see no "reject" message in /var/log/maillog.
Typically /etc/postfix/access is associated with smtpd_client_restrictions,
to check just do:
postconf | grep access
and you may see something like:
smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
The manual[1] says, that check_client_access means:
Search the specified access database for the client hostname,
parent domains, client IP address, or networks obtained by
stripping least significant octets. See the access(5) manual
page for details.
To check for outgoing email domain names (this is the equivalent
of sendmail's "To:" in the accessdb) you need to use
"smtpd_recipient_restrictions" parameter with possibly a different
file.
Something like
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/rcpt_access
will let you use another postfix map for the RCPT To: addresses. See[2]
Note: this will work only if you submit mail externally (i.e. via SMTP
port) and not via local submission not handled by smtpd.
Sendmail allows you to put different kinds of rules and restrictions
in the access file, with Postfix you should be careful and possible
keep separate access maps.
//Marcin
[1]
http://www.postfix.org/postconf.5.html#smtpd_client_restrictions
[2]
http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions