Gentoo Archives: gentoo-user

From: Steve <gentoo_sjh@×××××××.uk>
To: gentoo-user@l.g.o
Subject: [gentoo-user] Postfix question about auth and blocklists...
Date: Wed, 26 May 2010 14:40:43
1 On a gentoo mailserver, I'm running Postfix 2.6.5 - and, having followed
2 some howto or other, quite a long time ago, I have this section at the
3 end of my
5 --
6 smtpd_recipient_restrictions =
7 permit_mynetworks,
8 permit_sasl_authenticated,
9 reject_unauth_destination,
10 reject_non_fqdn_sender,
11 reject_rbl_client,
12 reject_rbl_client,
13 reject_rbl_client,
14 reject_unknown_sender_domain,
15 reject_rhsbl_sender
16 --
18 While it might not be optimal, it worked extremely well for a long
19 time. The block lists were a godsend as I receive(d) quite a lot of
20 spam which had threatened to bog down spamassassin. For ages, I just
21 used my ISP's SMTP server to send, and only received on my own.
23 I've bought a smart phone (an HTC HD2 on Windows Mobile 6.5) and need to
24 use it to access my email on this server - both via mobile and Wi-Fi
25 connectivity. The IMAP(s) side works OK for my inbox (after a few
26 dovecot tweaks) - and, after a setting up SASL, I can now send email
27 from my phone via my own SMTP server, which gateways this to my ISP...
28 all secured by a complex password. So far, so good - and I can send
29 email from home over Wi-Fi from my phone. The problem arises
30 elsewhere... where I'm not connected to my local (W)LAN (i.e. where I'm
31 not in "permit_mynetworks") - where the phone reports:
33 --
34 The server returned the following error message:
36 554 5.7.1 Service unavailable; Client host blocked using
38 --
40 The block comes as no surprise as isn't exclusively under
41 my control - and, likely, is a vector for lots of spam - now mobile data
42 services are cheap and difficult to trace. What I didn't expect is for
43 my connection to be rejected even though I had the right username and
44 password.
46 So... the questions:
48 * How can I alter the configuration to process email from blocked
49 locations if and only if the client authenticates?
50 * How can I verify that SMTP auth has been done (when connecting from my
51 LAN) - it would be a disaster if I inadvertently created an open relay.
52 (I don't think I have - but better safe than sorry, etc.)
54 Thanks in advance for any replies...


Subject Author
Re: [gentoo-user] Postfix question about auth and blocklists... Brandon Vargo <brandon.vargo@×××××.com>