• esackbauer

    • Community Hero
    Moolevel 347
  • Edited

sidkipper outbound DNS is open

port 53 UDP and TCP?

    • DocFraggle

      • Community Hero
      Moolevel 244

    While running

    dig mx national-lottery.co.uk +trace

    you can see that the guys at national-lottery.co.uk seem to have fckd up their DNS servers… you can’t resolve anything using i.e. ns7.national-lottery.biz or
    ns6.national-lottery.biz due to a timeout.

    Maybe that’s the reason

    Thanks - can I workaround it through postfix config as I was attempting to, or not possible without them fixing their DNS setup?

    • DocFraggle

      • Community Hero
      Moolevel 244

    I would try to add the domain to your whitelist

    System -> Configuration -> Global filter maps -> RegEx maps (check the box) -> Header-From: Whitelist

    Add the line

    /.+national-lottery\.co\.uk/i

    I already have that set

    • DocFraggle

      • Community Hero
      Moolevel 244

    Ah ok, you didn’t write that in your posts above

    Sorry - I tried previously that but came to conclusion that postfix was probably taking action before rspamd.

    a month later

    Think you’d only want to do that for networks you completely trust. Any network you add to mynetworks will be able to use your mailserver to relay/send mail. If they send spam etc it’ll completely ruin your reputation and you’ll not be able to send email anywhere.

    I don’t trust the domain thats having the issue enough to want to allow them to relay email out of my server, but do want to be able to receive email destined only to my users from them.

      sidkipper
      Did you tried removing reject_unknown_sender_domain from line 8 of master.cf?
      I’ve found the problem:
      1.settings in master.cf will overwrite setting in main.cf, comment out smtpd_sender_restrictions on specific service(or all of them);
      2.use regexp:/opt/postfix/conf/sender_access, instead of check_sender_access regexp:/opt/postfix/conf/sender_access, otherwise postfix will report some thing like unknown smtpd restriction: "check_sender_access"

        Rasping6015

        Perfect - that seemed to be working as wanted now. Many thanks!

        No one is typing