我正在尝试将 Postfix 配置为仅允许来自特定电子邮件且来自特定服务器 (google) 的邮件。这是我的配置:
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/access_from,
check_client_access hash:/etc/postfix/client_access,
reject
访问来源:
max@[REDACTED].com OK
客户端访问:
google.com OK
但是,如果我从 Google 服务器发送电子邮件,但不是从正确的电子邮件发送,它仍然会通过。以下是日志:
maps_find: hash:/etc/postfix/access_from: [WRONG ADDRESS]@gmail.com: not found
maps_find: hash:/etc/postfix/access_from: gmail.com: not found
maps_find: hash:/etc/postfix/access_from: com: not found
maps_find: hash:/etc/postfix/access_from: [WRONG ADDRESS]@: not found
mail_addr_find: [WRONG ADDRESS]@gmail.com -> (not found)
generic_checks: name=check_sender_access status=0
generic_checks: name=check_client_access
check_namadr_access: name mail-qk1-f178.google.com addr 209.85.222.178
check_domain_access: mail-qk1-f178.google.com
maps_find: hash:/etc/postfix/client_access: mail-qk1-f178.google.com: not found
maps_find: hash:/etc/postfix/client_access: hash:/etc/postfix/client_access(0,lock|fold_fix|utf8_request): google.com = OK
check_table_result: hash:/etc/postfix/client_access OK mail-qk1-f178.google.com
smtpd_acl_permit: checking smtpd_log_access_permit_actions settings
match_list_match: OK: no match
smtpd_acl_permit: smtpd_log_access_permit_actions: no match
generic_checks: name=check_client_access status=1
Postfix 发现发送的电子邮件无效,但当它还发现该电子邮件来自 Google 时,它会忽略之前的错误并仍然接受该电子邮件。换句话说,Postfix 正在对两个检查进行“或”运算,但我需要它对两个检查进行“与”运算。我该怎么做?
答案1
我想到了!
smtpd_client_restrictions =
check_client_access hash:/etc/postfix/client_access,
reject
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/access_from,
reject
如果客户端限制不通过,它将立即拒绝。