Postfix SMTP client whitelisting

I run a Postfix + Dovecot email server for my personal email. Common setups include reject_unknown_reverse_client_hostname for SMTP clients to reduce invalid connections attempts, but this became a problem when my new metro wireless ISP assigned me an IP that has no PTR record, causing my mail server to reject my own local email client’s SMTP connections!

In this post I present two solutions: simply adding permit_sasl_authenticated to the SMTP client restrictions, or implementing a more complex but generic whitelist via check_client_access and a MariaDB (or MySQL) database table.

Setting up OpenVPN with Android and Tomato

I recently updated my router’s firmware to Advanced Tomato, which is just a modern HTML5 reskin of Tomato by Shibby, which is an update of the original Tomato for the famous WRT54GL. Tomato is a router firmware that supports a wide variety of improved functions, including QoS, realtime bandwidth monitoring and logging, easy LAN DHCP management, etc. – including an OpenVPN server and client, as well as a few other VPN solutions. Tomato supports a number of routers, including my ASUS RT-N16.