Does the ISPConfig Postfix and Spamfilter Whitelist accept wildcard subdomains?

Discussion in 'General' started by rwheindl, Apr 16, 2018.

  1. rwheindl

    rwheindl Member

    I'm seeing more and more server names with srvXXX.domain.com, where XXX is a server number in a pool of servers (probably to minimize blacklist problems). Some send with email addresses like [email protected], why I don't know. Not all of them have reverse host lookups that pass properly or consistently and some are important emails our customers are requesting be allowed through and not blocked or automatically rejected by postfix. I see this a lot with automated password reset emails or email confirmation messages after someone sets up a new account somewhere. Each resent email comes from a different server so they continue to get rejected.

    It seems like whitelisting with @domain.com does not automatically include these sub-domains or server names. Do I need to use something like @*.domain.com as an additional entry in the Spamfilter Whitelist and Postfix Whitelist to include these servers or addresses? What's the proper format or best way to handle this? For example, craigslist.org has been a problem.

    Or is there a global setting somewhere I can list common domains that need to bypass filters and potential rejects, instead of allowing on a customer by customer, domain by domain, basis for each hosted in ISPConfig?
     
    Last edited: Apr 16, 2018
  2. I hate to necro-bump, but I have the very exact question — and before I ultimately break everything on my configuration, it's worth asking first!
    Note that the ISPConfig3 manual gives on page 209 the only following examples:
    Either something like @*.domain.com is presumed to work... and thus not listed specifically... or it isn't directly supported.
    Or, if it is, I'd like to know where to configure it :)
     
  3. slagroom

    slagroom Member

    Not sure if ispconfig uses/offers this from UI, but In /etc/postfix/main.cf we can have:

    smtpd_client_restrictions = reject_unknown_client_hostname,
    check_sender_access pcre:/etc/postfix/sender_access
    smtpd_sender_restrictions = reject_unknown_sender_domain,
    check_sender_access pcre:/etc/postfix/sender_access

    and then in /etc/postfix/sender_access

    you put regex, something like
    Code:
    ^\@.*domain.com$/                 REJECT
    • ^ matches the beginning of the string.
    • \@ matches the literal character @.
    • .* matches any character zero or more times.
     

Share This Page