From: mouss (no email)
Date: Tue Nov 01 2005 - 13:14:11 EST
Udo Rader a écrit :
>Hi,
>
>we have a rather complex postfix installation here and would now like to
>restrict the domains being used for _sending_ mails.
>
>I have really tried to find something in the vast documentation, but I
>did not come very far (or did not understand the various pieced needed
>for it).
>
>We have some local clients here but also a couple of external customers
>that we relay email for and some days ago I noticed that some of them
>are sending mails with "illegal" sender addresses.
>
>Our configuration is LDAP based, as we are doing virtual hosting, if
>that matters.
>
>So any thoughts on how to implement this?
>
>
don't use permit_mynetworks. instead use a check_client_access, and in
the access file use something like:
10.0.0.0/8 policy_mynetworks
....
then in policy_mynetworks (which you have added to restriction classes),
put whatever checks you want. for example:
policy_mynetworks =
check_sender_access hash:$dir/allowed_sender_domains
permit
note that this doesn't control what addresses are used when you do
permit_sasl_authenticated. but this is handled by login sender mismatch
("grep" for login_mismatch in postconf(5) or read a very recent thread).
|
|
|