• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

[Feature Request] Postfix: smtpd_client_restrictions = permit_sasl_authenticated

M

mconstable

New Pleskian
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk, 10.4.4, Debian 6, x64

PROBLEM DESCRIPTION

Regarding the Postfix mail server. Use of smtpd_client_restrictions = reject_rbl_client zen.spamhaus.org in /etc/postfix/main.cf will prevent clients from sending out email if zen.spamhaus.org is used (which includes the PBL blacklist therefor a lot of ADSL and 3G IP ranges are blocked) even if authenticated

STEPS TO REPRODUCE

Use zen.spamhaus.org as the system wide blacklist provider and try to send email from some Telstra (Australia) dynamic ADSL/3G networks.

ACTUAL RESULT

Apr 13 13:35:15 xxxxxx postfix/smtpd[27443]: NOQUEUE: reject: RCPT from unknown[xx.xx.xx.xx]: 554 5.7.1 Service unavailable; Client host [xx.xx.xx.xx] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=xx.xx.xx.xx; from=<xxxxx@xxxxx.net> to=<xxxxx@xxxxx.com> proto=ESMTP helo=<[192.168.0.100]>

EXPECTED RESULT

An authenticated email client should be able to send out emails via postfix regardless of what IP they may send from.

ANY ADDITIONAL INFORMATION

Could someone please make a formal Feature Request out of this post.

SOLUTION

Add permit_sasl_authenticated to smtpd_client_restrictions in /etc/postfix/main.cf, example...

smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks
 
You must log in or register to reply here.

Similar threads

Polli
Issue Getting DANE working
2
Replies
33
Views
4K
Polli
Polli
P
Resolved Port 25 blocked despite firewalls explicitly open
Replies
13
Views
1K
learning_curve
learning_curve
EnriqueR
Question Incoming mail is stored in Junk folder
Replies
6
Views
1K
EnriqueR
EnriqueR
F
Issue SOGo - emails sent from webmail, both manually created and autoresponder/vacation/out-of-office, are rejected. They miss spf, dkim, dmarc, everything
Replies
1
Views
521
Farfalk
F
Bitpalast
Forwarded to devs Spamassassin ignores mails to mailboxes that contain an ampersand, e.g. d&s@recipientdomain.tld
Replies
9
Views
2K
Bitpalast
Bitpalast
Back
Top