I am running a Postfix mail server. Some domains are configured that the DNS MX record is set to an antispam service. This service is forwarding the good mails to our mailserver. Some sender are ignoring the MX entry so they send the mails (most spam) directly to the postfix server.
So I tested some configuration changes on the Postfix server, that when an emails goes to the specified domains to check which ip sends this email. If it is an ip from the antispam service to accept the mail, all other ips reject the mail.
As reference I took these two sites to configure the postfix mailserver:
Postfix Limit mail for domain from IP range and http://www.postfix.org/RESTRICTION_CLASS_README.html
When I test my configuration, i see that the part with the domains is working. But my problem is, all incoming mails for the specified domains are rejected, no email will be accepted, although the ip i send with is allowed.
So here is my Postfix configuration.
main.cf
smtpd_restriction_classes = antispam
antispam = check_sender_access texthash:/etc/postfix/allowed_ips, reject
smtpd_recipient_restrictions =
[... other restrictions ...]
check_recipient_access texthash:/etc/postfix/protected_domains,
permit
allowed_ips
192.0.2.0/24 PERMIT
198.51.100.4/32 PERMIT
0.0.0.0/0 REJECT
protected_domains
domain.example antispam
domain2.example antispam
Best Answer
check_sender_accessmatches MAIL FROM: address, not IP. You need to usecheck_client_accessinstead.