Today I got some hints how to use different Access Policy Delegation with postfix. This it opens the possibility to use different check_policy_service in dependency on sender address, client ip ... and so on.
Create aliases for groups of access restrictions in
smtpd_restriction_classes = policy1, policy2, policy1 = check_policy_service inet:127.0.0.1:12525 policy2 = check_policy_service inet:127.0.0.1:12526
# echo "127.0.0.1 policy1" > /etc/postfix/ip_rules.cidr # echo "127.0.0.2 policy1" >> /etc/postfix/ip_rules.cidr # echo "0.0.0.0/0 policy2" >> /etc/postfix/ip_rules.cidr
check_client_access cidr:/etc/postfix/ip_rules.cidr at the end of
In this scenario you can have different access policies based on the client ip. It is also possible to base it on client reverse dns with help of pcre maps and recipient/sender address and hash maps