info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
smtpd_sender_restrictions bypassed?
12 views
Skip to first unread message
Simon Hintermann
Mar 17, 2017, 6:10:23 AM3/17/17
to
Hello,
I have a problem on every Plesk server I have. I cannot blacklist any sender with the
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists
mechanism.
Is there any other parameter that could take precedence or invalidate this sender check?
I can block senders perfectly on CentOS7 sotck installations.
Here is my main.cf:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = all
inet_protocols = ipv4
mydestination = localhost.$mydomain, localhost, localhost.localdomain
unknown_local_recipient_reject_code = 550
relayhost = mail6.copperfasten.ch
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
header_checks = regexp:/etc/postfix/header_checks
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.11.5/samples
readme_directory = /usr/share/doc/postfix-2.11.5/README_FILES
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
transport_maps = , hash:/var/spool/postfix/plesk/transport
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
mynetworks =
smtpd_sender_restrictions = reject_unknown_sender_domain, check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:30
virtual_gid_maps = static:31
smtpd_milters = inet:127.0.0.1:12768
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
mailbox_size_limit = 0
virtual_mailbox_limit = 0
myhostname = web3.malera.com
message_size_limit = 20480000
smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
smtp_tls_protocols=!SSLv2,!SSLv3
smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
non_smtpd_milters =
smtpd_tls_ciphers = medium
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = HIGH:!aNULL:!MD5
smtpd_recipient_limit = 15
Thanks, cheers
I have a problem on every Plesk server I have. I cannot blacklist any sender with the
smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists
mechanism.
Is there any other parameter that could take precedence or invalidate this sender check?
I can block senders perfectly on CentOS7 sotck installations.
Here is my main.cf:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = all
inet_protocols = ipv4
mydestination = localhost.$mydomain, localhost, localhost.localdomain
unknown_local_recipient_reject_code = 550
relayhost = mail6.copperfasten.ch
alias_maps = hash:/etc/aliases, hash:/var/spool/postfix/plesk/aliases
alias_database = hash:/etc/aliases
header_checks = regexp:/etc/postfix/header_checks
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.11.5/samples
readme_directory = /usr/share/doc/postfix-2.11.5/README_FILES
virtual_mailbox_domains = $virtual_mailbox_maps, hash:/var/spool/postfix/plesk/virtual_domains
virtual_alias_maps = $virtual_maps, hash:/var/spool/postfix/plesk/virtual
virtual_mailbox_maps = , hash:/var/spool/postfix/plesk/vmailbox
transport_maps = , hash:/var/spool/postfix/plesk/transport
smtpd_tls_cert_file = /etc/postfix/postfix_default.pem
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtp_tls_security_level = may
smtp_use_tls = no
smtpd_timeout = 3600s
smtpd_proxy_timeout = 3600s
disable_vrfy_command = yes
mynetworks =
smtpd_sender_restrictions = reject_unknown_sender_domain, check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
smtp_send_xforward_command = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
virtual_mailbox_base = /var/qmail/mailnames
virtual_uid_maps = static:30
virtual_gid_maps = static:31
smtpd_milters = inet:127.0.0.1:12768
sender_dependent_default_transport_maps = hash:/var/spool/postfix/plesk/sdd_transport_maps
virtual_transport = plesk_virtual
plesk_virtual_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
mailbox_size_limit = 0
virtual_mailbox_limit = 0
myhostname = web3.malera.com
message_size_limit = 20480000
smtpd_tls_protocols = TLSv1 TLSv1.1 TLSv1.2
smtp_tls_protocols=!SSLv2,!SSLv3
smtpd_tls_mandatory_protocols = TLSv1 TLSv1.1 TLSv1.2
non_smtpd_milters =
smtpd_tls_ciphers = medium
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = HIGH:!aNULL:!MD5
smtpd_recipient_limit = 15
Thanks, cheers
0 new messages