Thanks Bill...
these are my restrictions...
smtpd_restriction_classes =
               clase_spamtrap-spam
clase_spamtrap-spam =
               check_client_access regexp:/etc/postfix/spamtrap-spam,
               permit
smtpd_sender_restrictions =
               permit_mynetworks,
               check_sender_access hash:/etc/postfix/wl_senders,
               check_sender_access hash:/etc/postfix/wl_recipients,
               check_client_access hash:/etc/postfix/bl_clients,               check_client_access hash:/etc/postfix/special_clients,
               reject_unknown_reverse_client_hostname,
               reject_unknown_sender_domain,
               check_sender_access regexp:/etc/postfix/special_senders,
              Â
smtpd_recipient_restrictions =
               permit_mynetworks,
               reject_unauth_destination,
               reject_unknown_recipient_domain,
               reject_unauth_pipelining,
              Â
My understading is that order is ok...
and yes, i use postmap for files that need it...
Thanks!
Pedreter.
From: Bill Cole <postfixlists-***@billmail.scconsult.com>
To: Postfix users <postfix-***@postfix.org>
Sent: Tuesday, July 26, 2016 3:00 PM
Subject: Re: REJECT and "optional text" question...
Post by Pedro David MarcoThanks Wietse...
yes, i have a check_sender_access - after-Â the check_client_access,
buti must be doing something wrong because the reject should have been
               check_client_access
hash:/etc/postfix/special_clients       Â
               check_sender_access
regexp:/etc/postfix/special_senders
Since those directives must be in one or more smtpd restriction lists,
which are run in a strict order, just knowing hat you have hem somewhere
in that order isn't enough information. This is why the subscription
message for this list includes the same instructions as the last section
of Postfix's DEBUG_README: provide the output of 'postconf -n' not just
fragments of main.cf.
Post by Pedro David MarcoPostfix does not complain at all about files fomat but...Wietse, is
the syntax correct? (for special_clients file)
205.201.128.108Â Â REJECT You are blacklisted
That should work. Did you run 'postmap
hash:/etc/postfix/special_clients' after adding that line? Maps in
'hash' format must be converted from text to binary format using postmap
for Postfix to use them.
Post by Pedro David Marcoi have also tried...
205.201.128.0/24 Â Â REJECT You are blacklisted
That would be suitable in a 'cidr' table but in a 'hash' table it would
not work. To get the same effect in 'hash' format, you could use this:
205.201.128 Â Â REJECT You are blacklisted
Post by Pedro David Marcohow do i reject from that IP with that text???
Correct your configuration :)
What *exactly* is wrong with your configuration is not obvious without
more information. My *guesses* about the most likely causes for your
problem are:
1. You need to postmap your special_clients file to create the binary
form.
2. Your check_client_access and check_sender_access directives are in
different restriction lists such that check_sender_access is being hit
first, despite being later in main.cf.
3. There's some other more complex problem which is entirely invisible
to us because we don't know enough about your configuration yet.