1>>> # 2>>> # Initialize. 3>>> # 4>>> #msg_verbose 1 5>>> smtpd_delay_reject 0 6OK 7>>> mynetworks 127.0.0.0/8,168.100.3.0/28 8OK 9>>> mydestination porcupine.org 10OK 11>>> relay_domains porcupine.org 12OK 13>>> helo foobar 14OK 15>>> 16>>> # 17>>> # DNSWL (by IP address) 18>>> # 19>>> 20>>> # Allowlist overrides reject. 21>>> client_restrictions permit_dnswl_client,wild.porcupine.org,reject 22OK 23>>> client spike.porcupine.org 168.100.3.2 24OK 25>>> 26>>> # Allowlist does not fire - reject. 27>>> client_restrictions permit_dnswl_client,porcupine.org,reject 28OK 29>>> client spike.porcupine.org 168.100.3.2 30./smtpd_check: <queue id>: reject: CONNECT from spike.porcupine.org[168.100.3.2]: 554 5.7.1 <spike.porcupine.org[168.100.3.2]>: Client host rejected: Access denied; proto=SMTP helo=<foobar> 31554 5.7.1 <spike.porcupine.org[168.100.3.2]>: Client host rejected: Access denied 32>>> 33>>> # Allowlist does not override reject_unauth_destination. 34>>> client_restrictions permit 35OK 36>>> recipient_restrictions permit_dnswl_client,wild.porcupine.org,reject_unauth_destination 37OK 38>>> # Unauthorized destination - reject. 39>>> rcpt rname@rdomain 40./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.3.2]: 554 5.7.1 <rname@rdomain>: Relay access denied; to=<rname@rdomain> proto=SMTP helo=<foobar> 41554 5.7.1 <rname@rdomain>: Relay access denied 42>>> # Authorized destination - accept. 43>>> rcpt wietse@porcupine.org 44OK 45>>> 46>>> # 47>>> # RHSWL (by domain name) 48>>> # 49>>> 50>>> # Allowlist overrides reject. 51>>> client_restrictions permit_rhswl_client,dnswl.porcupine.org,reject 52OK 53>>> # Non-allowlisted client name - reject. 54>>> client spike.porcupine.org 168.100.3.2 55./smtpd_check: <queue id>: reject: CONNECT from spike.porcupine.org[168.100.3.2]: 554 5.7.1 <spike.porcupine.org[168.100.3.2]>: Client host rejected: Access denied; proto=SMTP helo=<foobar> 56554 5.7.1 <spike.porcupine.org[168.100.3.2]>: Client host rejected: Access denied 57>>> # Allowlisted client name - accept. 58>>> client example.tld 168.100.3.2 59OK 60>>> 61>>> # Allowlist does not override reject_unauth_destination. 62>>> client_restrictions permit 63OK 64>>> recipient_restrictions permit_rhswl_client,dnswl.porcupine.org,reject_unauth_destination 65OK 66>>> # Non-allowlisted client name. 67>>> client spike.porcupine.org 168.100.3.2 68OK 69>>> # Unauthorized destination - reject. 70>>> rcpt rname@rdomain 71./smtpd_check: <queue id>: reject: RCPT from spike.porcupine.org[168.100.3.2]: 554 5.7.1 <rname@rdomain>: Relay access denied; to=<rname@rdomain> proto=SMTP helo=<foobar> 72554 5.7.1 <rname@rdomain>: Relay access denied 73>>> # Authorized destination - accept. 74>>> rcpt wietse@porcupine.org 75OK 76>>> # Allowlisted client name. 77>>> client example.tld 168.100.3.2 78OK 79>>> # Unauthorized destination - reject. 80>>> rcpt rname@rdomain 81./smtpd_check: <queue id>: reject: RCPT from example.tld[168.100.3.2]: 554 5.7.1 <rname@rdomain>: Relay access denied; to=<rname@rdomain> proto=SMTP helo=<foobar> 82554 5.7.1 <rname@rdomain>: Relay access denied 83>>> # Authorized destination - accept. 84>>> rcpt wietse@porcupine.org 85OK 86>>> # Numeric TLD - dunno. 87>>> rcpt wietse@12345 88./smtpd_check: <queue id>: reject: RCPT from example.tld[168.100.3.2]: 554 5.7.1 <wietse@12345>: Relay access denied; to=<wietse@12345> proto=SMTP helo=<foobar> 89554 5.7.1 <wietse@12345>: Relay access denied 90>>> rcpt wietse@12345.porcupine.org 91OK 92>>> rcpt wietse@porcupine.12345 93./smtpd_check: <queue id>: reject: RCPT from example.tld[168.100.3.2]: 554 5.7.1 <wietse@porcupine.12345>: Relay access denied; to=<wietse@porcupine.12345> proto=SMTP helo=<foobar> 94554 5.7.1 <wietse@porcupine.12345>: Relay access denied 95