- Previous message: Justin Zygmont: "Re: restriction class"
- Maybe in reply to: Harvey Smith: "Re: restriction class"
- Next in thread: Harvey Smith: "Re: restriction class"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: mouss (no email)
Date: Fri Dec 02 2005 - 21:57:39 EST
Justin Zygmont a écrit :
> On Thu, 1 Dec 2005, Harvey Smith wrote:
>
> doesn't seem to work, nothing will send that way. Did you try it like
> this before?
>
if by local only users you mean people who can't talk with the "outside"
world, then this has been answered so many times. it amounts to:
smtpd_recipient_restrictions =
...
check_sender_access hash:$dir/poor_guys
...
local_only =
reject_unauth_destination
permit_sasl_authenticated
permit_mynetworks
reject
and in poor_guys, you have
.example local_only
...
these users can then communicate with people in
local/virtual/relay/alias domains. This should be enough for most purposes.
The trick here is that local_users aren't allowed to relay (and don't
get mail from outside). This trick helps you get rid of domains and
networks.
if you want to change this so that
1- they can only talk to some domains (instead of all
local/virtual/relay/alias domains)
2- they can also connect from some other clients
3- they can talk to some other domains
then that is still feasible, but it's easier with a policy service.
If you insist on using just postfix, then your issue is how to achieve
something like
foo.example dunno
bar.example dunno
* reject
The answer is to use pcre/regex or mysql/pgsql/ldap. hash can't.
|
|
|