O'Reilly logo

Postfix: The Definitive Guide by Kyle D. Dent

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Client-Detection Rules

Postfix provides the following rules that are assigned restrictions based on client information:

  • smtpd_client_restrictions

  • smtpd_helo_restrictions

  • smtpd_sender_restrictions

  • smtpd_recipient_restrictions

  • smtpd_data_restrictions

Each one corresponds to a step of the SMTP transaction. At each step, the client provides a piece of information. Using the client-supplied information, Postfix considers one or more restrictions that you assign to each rule. Figure 11-1 shows an SMTP conversation along with the client rule applied at each step. The header_checks and body_checks are discussed later in the chapter.

Let's review the SMTP conversation to see where each of the parameters fits in.

SMTP conversation with client rules

Figure 11-1. SMTP conversation with client rules

The SMTP Conversation (Briefly)

The SMTP conversation in Figure 11-1 should be familiar to you from Chapter 2. Example 11-1 shows the log entries for the transaction. First, an SMTP client connects to Postfix over a socket. Because of the way sockets function, Postfix learns the IP address of the client when it establishes the connection. You don't see the client IP address in the figure, but it is logged by Postfix. You can accept or reject a message based on the client hostname or IP address, thus blocking specific hostnames or IP and network addresses.

Example 11-1. SMTP logging

1. postfix/smtpd[866062]: connect from mail.ora.com[10.143.23.45] ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required