sender = ***@charite.de
client = hauptpostamt.charite.de

Very nice Executive Summary Ralf :-)

Peggy,
The CLIENT is the connecting MACHINE.
The SENDER is the envelope EMAIL ADDRESS in the MAIL FROM: command.

To be more explicit about restrictions,
(from http://www.postfix.org/SMTPD_ACCESS_README.html#lists):

Restriction list name Effect of REJECT or DEFER result
--------------------- --------------------------------
smtpd_client_restrictions Reject all client commands
smtpd_helo_restrictions Reject HELO/EHLO information
smtpd_sender_restrictions Reject MAIL FROM information
smtpd_recipient_restrictions Reject RCPT TO information
smtpd_data_restrictions Reject DATA command
smtpd_etrn_restrictions Reject ETRN command

When a connection is made to the mail server, postfix becomes aware of
the IP address, then hostname of the remote computer (the client).

When the MAIL FROM: command is given by the client, postfix becomes
aware of the sender (the envelope sender, not the address in the From:
header, which is irrelevant and part of the DATA stream).

You can use a check_client_access map in smtpd_client_restrictions,
smtpd_sender_restrictions, or smtpd_recipient_restrictions to reject
connecting hosts. The syntax is determined by the type of map you
choose. I prefer to put the map in smtpd_recipient_restrictions, at
least initially, to provide more useful log entries when searching for
false positives.

If you're actually trying to reject a domain in the From: header, you
need to use a header_checks map.

You can find more details here:

http://www.postfix.org/spam.html
http://www.postfix.org/uce.html

I also found this document very helpful:

http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt

is the smtpd_data_restrictions part of the postfix 2.0.16 version. this
could help me a lot.

-----Original Message-----
From: owner-postfix-***@postfix.org
[mailto:owner-postfix-***@postfix.org]On Behalf Of Boring, Andrew
Sent: Tuesday, May 04, 2004 2:50 PM
To: postfix-***@postfix.org
Cc: ***@n-dsi.com
Subject: RE: smtpd_client vs. smtpd_sender
Very nice Executive Summary Ralf :-)

Peggy,
The CLIENT is the connecting MACHINE.
The SENDER is the envelope EMAIL ADDRESS in the MAIL FROM: command.

To be more explicit about restrictions,
(from http://www.postfix.org/SMTPD_ACCESS_README.html#lists):

Restriction list name Effect of REJECT or DEFER result
--------------------- --------------------------------
smtpd_client_restrictions Reject all client commands
smtpd_helo_restrictions Reject HELO/EHLO information
smtpd_sender_restrictions Reject MAIL FROM information
smtpd_recipient_restrictions Reject RCPT TO information
smtpd_data_restrictions Reject DATA command
smtpd_etrn_restrictions Reject ETRN command

Yes, but read the docs on its use:
http://www.postfix.org/postconf.5.html#smtpd_data_restrictions

If you are still running 2.0.x, you can determine if a parameter is
valid by issuing "postconf some_parameter". Or you can search for it in
your readme_directory or sample_directory:

grep smtpd_data_restrictions /path/to/[readme|sample]_directory/*

And of course, much of the 2.1 documentation specifies whether a
parameter or command is valid in older versions of Postfix.

=20