From 54b254df2d50a1fae539db30db08d7c59d5537b8 Mon Sep 17 00:00:00 2001
From: Marcello Coutinho <marcellocoutinho@gmail.com>
Date: Mon, 7 May 2012 12:21:57 -0300
Subject: postfix - change sender acl priority during header checks

---
 config/postfix/postfix.inc | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

(limited to 'config/postfix/postfix.inc')

diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc
index d92e380f..93fae05a 100644
--- a/config/postfix/postfix.inc
+++ b/config/postfix/postfix.inc
@@ -471,16 +471,16 @@ smtpd_client_restrictions = check_client_access pcre:/usr/local/etc/postfix/cal_
 				permit							
 
 smtpd_recipient_restrictions = permit_mynetworks,
+				reject_unauth_destination,
+				reject_unauth_pipelining,
 				check_client_access pcre:/usr/local/etc/postfix/cal_pcre,
 				check_client_access cidr:/usr/local/etc/postfix/cal_cidr,
+				check_sender_access hash:/usr/local/etc/postfix/sender_access,
 				reject_invalid_helo_hostname,
-				reject_unknown_recipient_domain,
 				reject_non_fqdn_helo_hostname,
+				reject_unknown_recipient_domain,
 				reject_non_fqdn_recipient,
-				reject_unauth_destination,
-				reject_unauth_pipelining,
 				reject_multi_recipient_bounce,
-				check_sender_access hash:/usr/local/etc/postfix/sender_access,
 				SPFSPFSPFRBLRBLRBL
 
 EOF;
@@ -500,14 +500,19 @@ smtpd_sender_restrictions = reject_unknown_sender_domain,
 				RBLRBLRBL							
 
 # Allow connections from specified local clients and rbl check everybody else if rbl check are set.
-smtpd_client_restrictions = check_client_access pcre:/usr/local/etc/postfix/cal_pcre,
-				check_client_access cidr:/usr/local/etc/postfix/cal_cidr,
+smtpd_client_restrictions = reject_unauth_destination,
+				check_sender_access hash:/usr/local/etc/postfix/sender_access,
+				check_client_access pcre:/usr/local/etc/postfix/cal_pcre,
+				check_client_access cidr:/usr/local/etc/postfix/cal_cidr
 				RBLRBLRBL
 
 # Whitelisting: local clients may specify any destination domain.
 #,
 smtpd_recipient_restrictions = permit_mynetworks, 
 				reject_unauth_destination,
+				check_sender_access hash:/usr/local/etc/postfix/sender_access,
+				check_client_access pcre:/usr/local/etc/postfix/cal_pcre,
+				check_client_access cidr:/usr/local/etc/postfix/cal_cidr,
 				SPFSPFSPFRBLRBLRBL
 
 EOF;
-- 
cgit v1.2.3