<br><br><div class="gmail_quote">On Wed, Mar 28, 2012 at 12:02 PM, Sampson, Aaron <span dir="ltr"><<a href="mailto:Sampson@p2sol.com">Sampson@p2sol.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="white" link="blue" vlink="purple" lang="EN-US">
<div>
<p class="MsoNormal"><span style="color:#1f497d">Just to clairify<u></u><u></u></span></p>
<p class="MsoNormal"><span style="color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="color:#1f497d">We have been using the:<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Microsoft Sans Serif","sans-serif"">smtpd_helo_restrictions =<br>
permit_mynetworks,<br>
reject_non_fqdn_helo_hostname,<br>
reject_invalid_helo_hostname,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Microsoft Sans Serif","sans-serif"">reject_unknown_helo_hostname,
</span><span style="font-size:10.0pt;font-family:Wingdings">ß</span><span style="font-size:10.0pt;font-family:"Microsoft Sans Serif","sans-serif""> this is the only one we are thinking about changing<br>
permit<br>
<br>
</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif"">but that has been my main concern is that turning this off opens the door to a lot of spam, which also means I will have to hear about it from the users.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="color:#1f497d"> </span></p></div></div></blockquote></div><br>No need to turn it off.<br><div>Just add<br>
smtpd_helo_restrictions =<br> permit_mynetworks,<br> <b>check_client_access hash:/etc/postfix/client_</b><b>whitelist</b>,<br> ...<br><br>Inside
/etc/postfix/client_whitelist, put the IP Addresses (one on each line)
of the new acquisitions with OK beside each. I'm assuming those smaller
companies have dedicated IP's they're coming from which could be determined through the merger/acquisition discussions.<br>
</div><blockquote class="gmail_quote" style="margin:0pt 0pt 0pt 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div bgcolor="#FFFFFF"><div><div><blockquote type="cite"><div><div><p class="MsoNormal">
<span style="color:rgb(31,73,125)">but I am wondering if I comment out
that option and allow the message to go through will MS be able to take
that message and out it into quarantine</span></p></div></div></blockquote></div>
</div></div></blockquote><div>If you really want to move them to
quarantine, then create a spamassassin rule based on the header finding
those IP Addresses and add a score high enough so it winds up as High
Scoring Spam. Seems redundant (and resource intensive) to allow them
only in to then block them again.<br>
</div><br>