Find the answer to your Linux question:
Results 1 to 6 of 6
Hello we are having a problem with an External company trying to send email which we are having problems with. The SMTP gateway is on a Linux box which also ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Mar 2008
    Posts
    7

    Postfix exclude senders Ip from filter


    Hello we are having a problem with an External company trying to send email which we are having problems with.
    The SMTP gateway is on a Linux box which also host a 3rd party email filtering application and then off to Exchange.
    We are trying to get email from from the target sender to bypass the 3rd party filtering (whitelist does not prevent it passing through the filter). There is plenty of documentation about how to get a specific sender IP to go through a certain filters, but we want to exclude one specific address from going through any. I understand that "If a message triggers more than one filter action, only the last one takes effect."
    Therefore an entry in the /etc/postfix/access should be able to pass it on to a special filter. I want to pass it on to no filter, but the information out of the man pages gives no examples only
    "whatever FILTER foo:bar"
    Any one know how to make mail from whatever to bypass the filter specified in main.cf?

  2. #2
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    instead of using the access table (unless thats all you are using it for) you could just make another file and call it whitelist or something a little more relevant.

    can you post your part of main.cf where you are referencing the file?

  3. #3
    Just Joined!
    Join Date
    Mar 2008
    Posts
    7
    Quote Originally Posted by jledhead View Post
    instead of using the access table (unless thats all you are using it for) you could just make another file and call it whitelist or something a little more relevant.

    can you post your part of main.cf where you are referencing the file?
    Is this what you are after?

    defer_transports =
    disable_dns_lookups = no
    relayhost =
    #content_filter =
    mailbox_command =
    mailbox_transport =
    smtpd_sender_restrictions = hash:/etc/postfix/access

    smtpd_helo_required = no
    smtpd_helo_restrictions =
    strict_rfc821_envelopes = no
    smtpd_recipient_restrictions =
    permit_mynetworks
    reject_unauth_destination
    check_policy_service inet:1.2.3.4:60000

    smtp_sasl_auth_enable = no
    smtpd_sasl_auth_enable = no
    smtpd_use_tls = no
    smtpd_use_tls = no
    smtp_use_tls = no
    alias_maps = hash:/etc/aliases
    mailbox_size_limit = 0
    message_size_limit = 20480000

    relay_domains=Our.DomainName1,Our.DomainName2,Our. DomainName3,Our.DomainName1.
    co.nz
    relay_recipient_maps = hash:/etc/postfix/relay_recipients

    mynetworks_style = subnet
    smtpd_banner = mail.Our.DomainName1 ESMTP Postfix


    default_process_limit=200

    OurScan_timeout=10m
    OurScan_connect_timeout=1s

    content_filter=OurScan:127.0.0.1:10025
    OurScan_destination_recipient_limit=200
    OurScan_destination_concurrency_limit=20


    We are also running "postmap /etc/postfix/access" before "/etc/init.d/postfix reload"
    We want to get the mail from a specific IP to skip the "OurScan". We think we need to specifiy an exclusion in /etc/postfix/access or as you suggest whitelist, but unsure of the syntax we need to use.
    The man pages only really document how to pass on to another filter, not how to bypass the "OurScan" contentfilter all together

  4. #4
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    [PLUG] Postfix whitelist?

    looks like a working solution

  5. #5
    Just Joined!
    Join Date
    Mar 2008
    Posts
    7
    Thanks, but what would be the working syntax in whitelist file?

    1.2.3.5 FILTER what?:Where?

  6. #6
    Linux Engineer jledhead's Avatar
    Join Date
    Oct 2004
    Location
    North Carolina
    Posts
    1,077
    I think it would be
    Code:
    1.2.3.4    OK

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •