
Narrowing down to 1 external IP to accept connection

Posted: 21 May 2016 15:34
by e-d-i-t
Found something on the internet on how to set mynetworks in Postfix so that only a single external host is allowed to connect to my server.

main.cf (postfix)
mynetworks = 192.168.0.0/24, 127.0.0.0/8, xxx.1xx.2.3
smtpd_client_restrictions = permit_mynetworks, reject

Fact is, MailScanner (or EFA) is using some of these settings as well for outbound relay.

The change in main.cf made me receive nothing anymore.

I need to find a way in EFA to restrict external access to a single bSMTP-host.
Otherwise I need to set up a firewall in front of it, but for 1 rule... hmmm rather not.

How can I set this somewhere?

Re: Narrowing down to 1 external IP to accept connection

Posted: 22 May 2016 09:55
by ovizii
You're describing a solution which didn't work. Would you please try and describe what you are trying to achieve and what your setup looks like?

Re: Narrowing down to 1 external IP to accept connection

Posted: 22 May 2016 15:57
by e-d-i-t
As in my condition, my server is in a dynamic range, registered in some Dynamic Range RBL which Chello (provider) cannot reach as they will use RBL on inbound mail as well as in outbound mail. Kind of stupid to check an RBL on outbound, but they do so.

As my mailserver needs to accept chello mail as well, I have a bsmtp-provider which solves my problem. They are in a "legit" IP-range which doesn't bounce Chello mail.

That said, I have no need for any connection besides the bsmtp-provider to retrieve mail from.

A lot of spammers seem to hit my IP directly while it is NOT my MX-record. So anything connecting to me directly is spam anyway.

I want to set up EFA to accept messages only from 127.0.0.1, 192.168.0.0/24 and from my bsmtp-provider which has a single IP address.

Re: Narrowing down to 1 external IP to accept connection

Posted: 22 May 2016 20:36
by e-d-i-t
I should have been able to fix this within the postfix config, but I already took care of it through the router.
Port 25 is only forwarded with source IP from bsmtp.

Re: Narrowing down to 1 external IP to accept connection

Posted: 23 May 2016 06:22
by pdwalker
Another solution would have been to set up an iptables rule to accept incoming smtp connections from that provider.
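
The iptables approach mentioned above, as an added example that is not part of the original thread: a small generator that validates its input and prints the rules in the order they must be evaluated, so port 25 is accepted only from loopback, the LAN and one relay. The chain name SMTP_IN and the relay address 203.0.113.25 are placeholders chosen for this example; the LAN range is the one from the first post.

```shell
#!/bin/sh
# Added example: print iptables rules restricting inbound SMTP (TCP/25)
# to loopback, the LAN and a single upstream relay. Nothing is applied here.

# Succeeds only for a plain dotted-quad IPv4 address (no prefix, no names).
valid_ipv4() (
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    IFS=.
    set -- $1                      # split the address on dots
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
)

# Usage: smtp_allowlist_rules RELAY_IP [LAN_CIDR]
smtp_allowlist_rules() (
    relay=$1
    lan=${2:-192.168.0.0/24}       # LAN range taken from the first post
    prefix=${lan#*/}
    valid_ipv4 "$relay" ||
        { echo "invalid relay address: $relay" >&2; return 1; }
    # A missing or non-numeric prefix is forced out of range.
    case $prefix in ''|*[!0-9]*) prefix=99 ;; esac
    { valid_ipv4 "${lan%/*}" && [ "$prefix" -le 32 ]; } ||
        { echo "invalid LAN range: $lan" >&2; return 1; }
    # A dedicated chain keeps the allowlist in one place. The jump is
    # inserted at position 1 of INPUT so it is evaluated before any
    # existing rule that already accepts port 25.
    cat <<EOF
iptables -N SMTP_IN
iptables -A SMTP_IN -i lo -j ACCEPT
iptables -A SMTP_IN -s $lan -j ACCEPT
iptables -A SMTP_IN -s $relay -j ACCEPT
iptables -A SMTP_IN -j DROP
iptables -I INPUT 1 -p tcp --dport 25 -j SMTP_IN
EOF
)

# Constructed demo values: 203.0.113.25 is a documentation address,
# standing in for the relay provider's real IP.
smtp_allowlist_rules 203.0.113.25 192.168.0.0/24
```

Review the printed commands before running them as root; rules added this way do not survive a reboot unless saved with the distribution's own mechanism.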

Re: Narrowing down to 1 external IP to accept connection

Posted: 23 May 2016 12:17
by e-d-i-t
I heard someone mentioning that. As I am a MS guy, I will have to look that up with my friend... (Google) :oops: