Chinaunix首页 | 论坛 | 博客
  • 博客访问: 79190
  • 博文数量: 28
  • 博客积分: 647
  • 博客等级: 上士
  • 技术积分: 325
  • 用 户 组: 普通用户
  • 注册时间: 2011-01-02 17:25
文章分类

全部博文(28)

文章存档

2011年(28)

分类:

2011-01-24 15:17:11

Restrictions on recipient addresses
smtpd_recipient_restrictions
This parameter specifies restrictions on recipient addresses that SMTP clients can send in RCPT TO commands.
By default, Postfix relays mail:
    * from trusted clients whose IP address matches $mynetworks,
    * from trusted clients matching $relay_domains or subdomains thereof,
    * from untrusted clients to destinations that match $relay_domains or subdomains thereof, except addresses with sender-specified routing.
The default relay_domains value is $mydestination.
In addition to the above, the Postfix SMTP server by default accepts mail that Postfix is final destination for:
    * destinations that match $inet_interfaces,
    * destinations that match $mydestination,
    * destinations that match $virtual_maps.
These destinations do not need to be listed in $relay_domains.
The following restrictions are available (* is part of default setting):
    * *permit_mynetworks: permit if the client address matches $mynetworks.
    * reject_unknown_client: reject the request if the client hostname is unknown.
    * reject_maps_rbl: reject if the client is listed under $maps_rbl_domains.
    * reject_invalid_hostname: reject HELO hostname with bad syntax.
    * reject_unknown_hostname: reject HELO hostname without DNS A or MX record.
    * reject_unknown_sender_domain: reject sender domain without A or MX record.
    * *check_relay_domains: permit only mail:
          o to destinations matching $inet_interfaces, $mydestination, or $virtual_maps,
          o from trusted clients matching $relay_domains or subdomain thereof,
          o from untrusted clients to destinations matching $relay_domains or subdomain thereof (except addresses with sender-specified routing).
      Reject anything else.
    * permit_auth_destination: permit mail:
          o to destinations matching $inet_interfaces, $mydestination, or $virtual_maps,
          o to destinations matching   $relay_domains or subdomain thereof, except for addresses with sender-specified routing.
    * reject_unauth_destination: reject mail unless it is sent
          o to destinations matching $inet_interfaces, $mydestination, or $virtual_maps,
          o to destinations matching $relay_domains or subdomain thereof, except for addresses with sender-specified routing.
    * reject_unauth_pipelining: reject mail from improperly pipelining spamware
    * permit_mx_backup: accept mail for sites that list me as MX host.
    * reject_unknown_recipient_domain: reject domains without A or MX record.
    * check_recipient_access maptype:mapname: look up recipient address, parent domain, or localpart@. Reject if result is REJECT or "[45]xx text". Permit otherwise.
    * check_client_access maptype:mapname: see smtpd_client_restrictions.
    * check_helo_access maptype:mapname: see smtpd_helo_restrictions.
    * check_sender_access maptype:mapname: see smtpd_sender_restrictions.
    * reject_non_fqdn_hostname: reject HELO hostname that is not in FQDN form.
    * reject_non_fqdn_sender: reject sender address that is not in FQDN form.
    * reject_non_fqdn_recipient: reject recipient address that is not in FQDN form.
    * reject: reject the request. Place this at the end of a restriction.
    * permit: permit the request. Place this at the end of a restriction.
Restrictions are applied in the order as specified; the first restriction that matches wins.
Specify a list of restrictions, separated by commas and/or whitespace. Continue long lines by starting the next line with whitespace.
NOTE: YOU MUST SPECIFY AT LEAST ONE OF THE FOLLOWING RESTRICTIONS OTHERWISE POSTFIX REFUSES TO RECEIVE MAIL:
reject, check_relay_domains, reject_unauth_destination
阅读(659) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~