Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions

  




 

 

Postfix Documentation
Previous Page Home Next Page

Postfix Per-Client/User/etc. Access Control


Postfix restriction classes

The Postfix SMTP server supports access restrictions such as reject_rbl_client or reject_unknown_client_hostname on the right-hand side of SMTP server access(5) tables. This allows you to implement different junk mail restrictions for different clients or users.

Having to specify lists of access restrictions for every recipient becomes tedious quickly. Postfix restriction classes allow you to give easy-to-remember names to groups of UCE restrictions (such as "permissive", "restrictive", and so on).

The real reason for the existence of Postfix restriction classes is more mundane: you can't specify a lookup table on the right-hand side of a Postfix access table. This is because Postfix needs to open lookup tables ahead of time, but the reader probably does not care about these low-level details.

Example:

/etc/postfix/
main.cf:
    
smtpd_restriction_classes = restrictive, permissive
    # With Postfix < 2.3 specify 
reject_unknown_client.
    restrictive = 
reject_unknown_sender_domain 
reject_unknown_client_hostname ...
    permissive = permit

    
smtpd_recipient_restrictions = 
	
permit_mynetworks
	
reject_unauth_destination
	
check_recipient_access hash:/etc/postfix/recipient_access

/etc/postfix/recipient_access:
    [email protected]	permissive
    [email protected]	restrictive

With this in place, you can use "restrictive" or "permissive" on the right-hand side of your per-client, helo, sender, or recipient SMTPD access tables.

The remainder of this document gives examples of how Postfix access restriction classes can be used to:

These questions come up frequently, and the examples hopefully make clear that Postfix restriction classes aren't really the right solution. They should be used for what they were designed to do, different junk mail restrictions for different clients or users.

Postfix Documentation
Previous Page Home Next Page