<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Exchange Server">
<!-- converted from text --><style><!-- .EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; } --></style>
</head>
<body>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:11pt; color:black">
<span style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:11pt; color:black">Technically, this question belongs to the postfix mailing list since this is not an amavis related. They will be able to assist you better.<br>
<br>
<br>
<br>
<span style="color:black">-----Original Message----- <br>
<b>From:</b> Scappatura Rocco [Rocco.Scappatura@infracom.it]<br>
<b>Received:</b> Wednesday, 14 Jun 2017, 6:09AM<br>
<b>To:</b> 'amavis-users@amavis.org' [amavis-users@amavis.org]<br>
<b>Subject:</b> Client host rejected: Access denied<br>
<br>
</span></span></div>
<font size="2"><span style="font-size:10pt;">
<div class="PlainText">Hello.<br>
<br>
My MTA (Debian Lenny with postfix+amavisd-new+spamassassin+clamav) rejected an SMTP connection from Yahoo:<br>
<br>
Jun 13 17:04:01 av7 postfix/smtpd[25250]: NOQUEUE: reject: RCPT from sonic317-25.consmr.mail.ir2.yahoo.com[87.248.110.215]: 554 5.7.1 <sonic317-25.consmr.mail.ir2.yahoo.com[87.248.110.215]>: Client host rejected: Access denied; from=<xxx@yahoo.it> to=<yyy@example.com>
 proto=ESMTP helo=<sonic317-25.consmr.mail.ir2.yahoo.com><br>
<br>
I can't figure out why. Here my postfix config:<br>
<br>
alias_database = hash:/etc/aliases<br>
alias_maps = hash:/etc/aliases<br>
anvil_rate_time_unit = 60s<br>
append_dot_mydomain = no<br>
biff = no<br>
bounce_size_limit = 1<br>
config_directory = /etc/postfix<br>
content_filter = smtp-amavis:[127.0.0.1]:10024<br>
header_checks = regexp:/etc/postfix/header_checks<br>
inet_interfaces = all<br>
mailbox_size_limit = 0<br>
message_size_limit = 31457280<br>
mydestination = xxx.example.com, localhost.example.com, , localhost<br>
myhostname = xxx.example.com<br>
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128<br>
myorigin = /etc/mailname<br>
proxy_read_maps = proxy:mysql:/etc/postfix/mysql-relay-recipients.cf proxy:mysql:/etc/postfix/mysql-relay-domains.cf proxy:mysql:/etc/postfix/mysql-check-sender-access.cf proxy:mysql:/etc/postfix/mysql-check-recipient-access.cf proxy:mysql:/etc/postfix/mysql-check-client-access.cf
 proxy:unix:passwd.byname proxy:mysql:/etc/postfix/mysql-virtual-transports.cf<br>
readme_directory = no<br>
receive_override_options = no_address_mappings<br>
recipient_delimiter = +<br>
relay_domains = proxy:mysql:/etc/postfix/mysql-relay-domains.cf<br>
relay_recipient_maps = proxy:mysql:/etc/postfix/mysql-relay-recipients.cf<br>
relayhost =<br>
smtp_host_lookup = native<br>
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache<br>
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)<br>
smtpd_client_connection_count_limit = 20<br>
smtpd_client_connection_rate_limit = 40<br>
smtpd_client_message_rate_limit = 50<br>
smtpd_client_recipient_rate_limit = 250<br>
smtpd_error_sleep_time = 0s<br>
smtpd_hard_error_limit = 10<br>
smtpd_recipient_limit = 100<br>
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031 permit_sasl_authenticated check_client_access proxy:mysql:/etc/postfix/mysql-check-client-access.cf permit_mynetworks reject_unauth_destination reject_non_fqdn_sender reject_non_fqdn_recipient
 reject_unlisted_sender reject_unlisted_recipient reject_unknown_sender_domain reject_invalid_hostname reject_rbl_client psbl.surriel.com, reject_rhsbl_sender dsn.rfc-ignorant.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client truncate.gbudb.net, reject_rbl_client
 zen.spamhaus.org, check_policy_service inet:127.0.0.1:2501<br>
smtpd_sasl_auth_enable = yes<br>
smtpd_sasl_security_options = noanonymous<br>
smtpd_sender_restrictions = check_sender_access proxy:mysql:/etc/postfix/mysql-check-sender-access.cf check_recipient_access proxy:mysql:/etc/postfix/mysql-check-sender-access.cf check_recipient_access proxy:mysql:/etc/postfix/mysql-check-recipient-access.cf<br>
smtpd_soft_error_limit = 5<br>
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem<br>
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key<br>
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache<br>
smtpd_use_tls = yes<br>
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual-transports.cf<br>
<br>
As you can see ' smtpd_client_restrictions' is not used.<br>
<br>
Could someone explain the reason of the rejection?<br>
<br>
Regards,<br>
<br>
RS<br>
<br>
<br>
<br>
</div>
</span></font>
</body>
</html>