Quoting Feizhou <feizhou at graffiti.net>: > Barry Brimer wrote: > > > > I have a mail server that handles several domains. One of these domains > has > > decided to use Postini. For those not familiar with Postini, you set your > MX > > records to use their mail servers. They filter mail, and deliver you only > the > > clean virus/spam free mail. The idea is to only allow incoming mail from > their > > mail servers so spammers are unable to send to your mail server directly. > This > > is fairly simple to do with standard restriction classes for a dedicated > mail > > server. I am not sure how to accomplish this on a shared mail server. > Ideally > > I would like to instruct postfix to accept mail from anywhere for all > domains > > except one domain (the one using Postini) and only allow mail destined for > that > > specific domain to originate from Postini's mail servers. Any ideas would > be > > greatly appreciated. > > check_recipient_access > key value > postini-domain postini-domain-restrictions > > smtpd-restrictions > postini-domain-restrictions > > postini-domain-restrictons > check_client_access > key value > postini-ips/rdns OK > check_client_access > key value > anything(regex/pcre) REJECT Thanks for your response. For further clarification, my understanding of your instructions are as follows. Please correct any mistakes I have made. My domain will be example.com 1. Add an additional line to my smtpd_recipient_restrictions that reads: check_recipient_access hash:/etc/postfix/recipient_checks The contents of this file should read example.com example.com-restrictions Once completed, I run postmap against this file. 2. I currently use smtpd_recipient_restrictions for my access control. Can I include the example.com-restrictions directive in my smtpd_recipient_restrictions, or does it really belong in smtpd_sender_restrictions? Is there actually a plain smtpd_restrictions directive I am missing? 3. example.com-restrictions is referenced in smtpd_xxx_restrictions above. If I understand correctly, I should add a line to my main.cf above my smtpd_recipient_restrictions that says: example.com-restrictions = check_client_access regexp:/etc/postfix/example.com-restrictions.regexp The contents of this file should read: name or ip of postini-allowed mail server1 OK name or ip of postini-allowed mail server2 OK name or ip of postini-allowed mail server3 OK name or ip of postini-allowed mail server4 OK /^.*/ REJECT Thanks so much for your help, any input/correction/validation of this information is greatly appreciated! Thanks! Barry