[CentOS] Postfix smtp_recipient_restrictions causing mail to fail

Fri Mar 13 09:18:17 UTC 2009
Logan Moore <logan at alloynet.co.nz>

Logan Moore wrote:
> Logan Moore wrote:
>   
>> Logan Moore wrote:
>>   
>>     
>>> Hi All,
>>>
>>> I'm currently playing with smtp_recipient restrictions to try and knock 
>>> some of this spam on it's head. On my old debian server, I was using 
>>> this and successfully filtering out at least 90% if not more of all spam 
>>> emails which was great. I didn't even need spamassassin.
>>>
>>> However, trying to do the same thing on my new CentOS based server isn't 
>>> working. With the following enabled, nothing comes through from the 
>>> outside world.
>>>
>>> Can anybody see where I've gone wrong. I can't fathom why this would 
>>> block all incoming emails from the web.
>>>
>>> smtpd_recipient_restrictions =
>>>      permit_mynetworks,
>>>      permit_sasl_authenticated,
>>>      reject_invalid_hostname,
>>>      reject_non_fqdn_hostname,
>>>      reject_non_fqdn_sender,
>>>      reject_non_fqdn_recipient,
>>>      reject_unknown_sender_domain,
>>>      reject_unknown_recipient_domain,
>>>      reject_rbl_client zen.spamhaus.org,
>>>      permit
>>>
>>> Thanks,
>>>
>>> Kind regards,
>>> Logan Moore
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>>   
>>>     
>>>       
>> Weird. If I comment out the smtpd_recipient_restrictions, that lets 
>> email through, so I tried removing restriction, restarting postfix and 
>> then sending an email to check if emails start working. Email didn't 
>> start working until I removed the smtpd_recipient_restrictions all 
>> together. Even the following would result in all incoming email being 
>> blocked.
>>
>> smtpd_recipient_restrictions = permit
>>
>> This seems more than a tad wrong
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>>   
>>     
>
> OK, now we are getting somewhere. You can't do anything without 
> specifying reject_unauth_destination, and specifiying that alone works 
> fine, so I will work my way back up to the full list of restrictions 
> from that and see where it breaks.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>   

That was it. I didn't have any of the required options (reject, defer, 
defer_if_permit, reject_unauth_destination) in my 
smtpd_recipient_restrictions, so all email was being rejected. After 
adding reject_unauth_destination, she's working beautifully. Thanks, I 
think posting to the list helped. I probably would have given up and put 
it off until later otherwise.

Kind regards,
Logan Moore