by lunarg on September 28th 2011, at 12:23

If you wish to restrict SMTP access via IP addresses or a network range, one way to do it would be via Postfix configuration. You can set up restrictions using a Postfix hash-table or via a cidr file. You can choose one or both methods to perform the restrictions. The end-result will be the same.

Create a hash (postmapped) file

Create a text file with the addresses you would like to reject. You can choose whatever file name you wish. E.g.: /etc/postfix/smtp_client_access

Its content should be something like: REJECT Stop mailing us REJECT Stop mailing us
192.168.1 REJECT Stop mailing us

Next, postmap it by running:

postmap /etc/postfix/smtp_client_access

Then add/edit this in your

smtpd_client_restrictions = 
      check_client_access hash:/etc/postfix/smtp_client_access

Create a CIDR file

Similar as a hash file but with slightly different content, and you don't have to postmap it. REJECT Stop mailing us REJECT Stop mailing us REJECT Stop mailing us

Add/edit this in your (if the file was named /etc/postfix/cidr_client_access):

smtpd_client_restrictions = 
     check_client_access cidr:/etc/postfix/cidr_client_access

Using both hash and CIDR

You could also combine the two like so:

smtpd_client_restrictions = 
    check_client_access cidr:/etc/postfix/cidr_client_access, 
    check_client_access hash:/etc/postfix/client_access

Don't forget to reload Postfix

postfix reload


« April 2024»
« If the batteries of a TV remote run out, why do we press the buttons so much harder? »