From: Tom Allison (no email)
Date: Mon Dec 01 2003 - 20:59:11 EST
Kyle Dent wrote:
> On Mon, 1 Dec 2003 wrote:
>
>
>>I've got a question about using a database for the access table.
>>
>>The intention is to, by default, REJECT or DEFER email while using a
>>database for keeping a list of 'OK' addresses.
>>
>>Is the answer this simple:
>>
>>smtpd_helo_restrictions = postgresql:/etc/postfix/sql_access.cf... reject
>>smtpd_sender_restrictions = postgresql:/etc/postfix/sql_access.cf... reject
>>
>>and to put the 'OK' addresses into the database?
>
>
> Only if the question is 'How do I create an open relay?' :-) You
> cannot allow relaying based on any client-supplied info (other
> than IP address). Look into SASL authentication or one of the
> before-POP solutions. See http://www.postfix.org/docs.html.
>
I don't see how this has anything to do with open relays.
...
I currently have
---
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sender_restrictions = hash:/etc/postfix/access
reject_unknown_sender_domain
-----
And was assuming that I could change the "hash:/etc/postfix/access"
statement.
Thinking about this further it might make sense to not have the access
lookup on the HELO but only on the MAIL FROM (smtpd_sender_restrictions)
portion of the UCE.
>
>>Also, I didn't see many examples on the use of postgresql...
>>Any suggestions on how best to use postgres for the database?
>
>
> Works the same as MySQL if those examples help.
>
I should have been more specific.
for a Berkely DB you use the term "hash"
for MySQL you use the term "mysql"
What do you use for postgres?
|
|
|