smtpd_recipient_restrictions reject_unknown_client_hostname

I have this directive active reject_unknown_client_hostname and in some
ips when it does not solve at the moment of doing the RCPT it does not
solve correctly, as it is logical send code 450 blocking the mail. Well
my question is how could I put some ips in particular that I know are
reliable for that the reject_unknown_client_hostname be skipped. I have
added these ips with the OK directive in the access file but it does not
work as I would like it to do


Re: smtpd_recipient_restrictions reject_unknown_client_hostname

By Noel Jones at 03/15/2019 - 15:48

On 3/15/2019 2:37 PM, Francesc Peñalvez wrote:

Postfix processes restrictions in order. Your access table
whitelist must come before the rule rejecting the mail.

Move reject_unknown_client_hostname to *after* your access table in
your restriction list.

And for external IPs it's safer to use "PERMIT_AUTH_DESTINATION"
rather than "OK" to prevent open relay accidents.

-- Noel Jones

Re: smtpd_recipient_restrictions reject_unknown_client_hostname

By Matus UHLAR - f... at 03/15/2019 - 15:45

On 15.03.19 20:37, Francesc Peñalvez wrote:
put check_client_access in front of the reject_unknown_client_hostname
allowing the trusted IPs.

Re: smtpd_recipient_restrictions reject_unknown_client_hostname

By =?UTF-8?Q?Franc... at 03/15/2019 - 18:34

thank you I had not thought that postfix followed the order of the list

El 15/03/2019 a las 20:45, Matus UHLAR - fantomas escribió: