Re: Combining access map checks

At 12:57 PM 6/8/2005, Jeff Rice wrote:
>Hi,
>I am trying to figure out how to get a number of my policies to work in
>the right way, while being able to properly exempt clients from certain
>(but not all!) UCE checks. I am not sure if this is possible.
>
>I use RBLs and greylisting, and have a number of accounts and remote
>clients that I want to exempt from one or the other.
>
>smtpd_recipient_restrictions =
> <SNIP>
> check_client_access pcre:/etc/postfix/server_greylist_optouts.pcre,
> check_recipient_access hash:/etc/postfix/account_greylist_prefs,
> check_client_access pcre:/etc/postfix/client_whitelist.pcre,
> check_recipient_access hash:/etc/postfix/account_rbl_prefs,
> permit
>
>...
>Now what I hope to do is have RBL checks before greylisting, but exempt
>the clients in client_whitelist.pcre RBL checks only, not from everything
>else that follows. If I move client_whitelist and account_rbl_prefs up in
>the list, they will get done before greylists -- but the clients in
>client_whitelist.pcre, by nature of the OK, won't go through the
>greylisting policy.

This is a good example of when to not put all your restrictions under
smtpd_recipient_restrictions.
Put the RBL checks (and the rbl client_whitelist, of course) under
smtpd_sender_restrictions.
Leave the rest where they are.

--
Noel Jones