• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

[Feature Request] Postfix: smtpd_client_restrictions = permit_sasl_authenticated

M

mconstable

New Pleskian
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk, 10.4.4, Debian 6, x64

PROBLEM DESCRIPTION

Regarding the Postfix mail server. Use of smtpd_client_restrictions = reject_rbl_client zen.spamhaus.org in /etc/postfix/main.cf will prevent clients from sending out email if zen.spamhaus.org is used (which includes the PBL blacklist therefor a lot of ADSL and 3G IP ranges are blocked) even if authenticated

STEPS TO REPRODUCE

Use zen.spamhaus.org as the system wide blacklist provider and try to send email from some Telstra (Australia) dynamic ADSL/3G networks.

ACTUAL RESULT

Apr 13 13:35:15 xxxxxx postfix/smtpd[27443]: NOQUEUE: reject: RCPT from unknown[xx.xx.xx.xx]: 554 5.7.1 Service unavailable; Client host [xx.xx.xx.xx] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=xx.xx.xx.xx; from=<xxxxx@xxxxx.net> to=<xxxxx@xxxxx.com> proto=ESMTP helo=<[192.168.0.100]>

EXPECTED RESULT

An authenticated email client should be able to send out emails via postfix regardless of what IP they may send from.

ANY ADDITIONAL INFORMATION

Could someone please make a formal Feature Request out of this post.

SOLUTION

Add permit_sasl_authenticated to smtpd_client_restrictions in /etc/postfix/main.cf, example...

smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks
 
You must log in or register to reply here.

Similar threads

Polli
Issue Getting DANE working
2
Replies
33
Views
4K
Polli
Polli
P
Resolved Port 25 blocked despite firewalls explicitly open
Replies
13
Views
977
learning_curve
learning_curve
EnriqueR
Question Incoming mail is stored in Junk folder
Replies
6
Views
988
EnriqueR
EnriqueR
F
Issue SOGo - emails sent from webmail, both manually created and autoresponder/vacation/out-of-office, are rejected. They miss spf, dkim, dmarc, everything
Replies
1
Views
419
Farfalk
F
Bitpalast
Forwarded to devs Spamassassin ignores mails to mailboxes that contain an ampersand, e.g. d&s@recipientdomain.tld
Replies
9
Views
2K
Bitpalast
Bitpalast
Back
Top