Today I got some hints how to use different Access Policy Delegation with postfix. This it opens the possibility to use diffrent check_policy_service in dependency on sender address, client ip … and so on.
Create aliases for groups of access restrictions in /etc/postfix/main.cf:
smtpd_restriction_classes = policy1,
policy2,
policy1 = check_policy_service inet:127.0.0.1:12525
policy2 = check_policy_service inet:127.0.0.1:12526
Create “/etc/postfix/ip_rules.cidr”:
# echo “127.0.0.1 policy1″ > /etc/postfix/ip_rules.cidr
# echo “127.0.0.2 policy1″ >> /etc/postfix/ip_rules.cidr
# echo “0.0.0.0/0 policy2″ >> /etc/postfix/ip_rules.cidr
Add “check_client_access cidr:/etc/postfix/ip_rules.cidr” at the end of “smtpd_recipient_restrictions” in /etc/postfix/main.cf
In this scenario you can have different access policies based on the client ip. It is also possible to base it on client reverse dns with help of pcre maps and recipient/sender address and hash maps
The Different Postfix Access Policy Delegation by Cyconet Blog, unless otherwise expressly stated, is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License. Terms and conditions beyond the scope of this license may be available at blog.waja.info.
Brunner Bäcker
Aldi
Städtischer Kinderspielplatz
Kindergarten Am Storchennest
Volksfestplatz Bayreuth
0 Responses to “Different Postfix Access Policy Delegation”