Next message: Magnus Bäck: "Re: virtual alias table"
On Wed, Jan 11, 2006 at 01:31:54AM -0500, Justin Zygmont wrote:
> Hi, I am trying to setup postfix so that users can only send local email
> by default, and only certian users can send mail outbound. From the
> restriction class readme, it teases me saying it is left as an
> exercise:) I have tried to figure out how to do this without much luck,
> does anyone know how it is supposed to be done?
>
>
> thanks...
>
> -------------------------------------------------------------------
> It is left as an exercise for the reader to change this into a scheme
> where only some users have permission to send mail to off-site
> destinations, and where most users are restricted.
>
>
> /etc/postfix/main.cf:
> smtpd_recipient_restrictions =
> check_sender_access hash:/etc/postfix/restricted_senders
> ...other stuff...
>
> smtpd_restriction_classes = local_only
> local_only =
> check_recipient_access hash:/etc/postfix/local_domains, reject
>
> /etc/postfix/restricted_senders:
> foo at domain local_only
> bar at domain local_only
>
> /etc/postfix/local_domains:
> this.domain OK matches this.domain and subdomains
> that.domain OK matches that.domain and subdomains
Well, in less I'm missing something the thing that is confusing about
this is the "left as an exercise for the reader to change this into a
scheme where only some users have permission" line, as it appears this
scheme doesn't need any changes. Merely NOT putting your unrestricted
users in the /etc/postfix/restricted_senders file will allow them to
send as normal.
Though as an alternative, if you had many/most users as local_only and
only a small number that are unrestricted it might be easier to
maintain the list by unrestricted users instead of listing all the
restricted ones. For example in /etc/postfix/restricted_senders have:
OK
domain.tld local_only
Though for clarity you might want to change the file name to
unrestricted_senders.
--
Harvey
