- Previous message: Tolga: "Back to queue?"
- Maybe in reply to: mouss: "Re: LDAP smtpd_recipient_restrictions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: mouss (no email)
Date: Mon Oct 01 2007 - 07:56:53 EDT
James Wilson wrote:
> On 1 Oct 2007, at 05:51, mouss wrote:
>
>> use 2 maps. nothing requires that you check senders and recipients using
>> a single map.
>
> Hi Mouss,
>
> Could you please elaborate? Even with multiple maps, won't all internal
> domains be trusted?
>
you need is not completely specified (I don't know who can do what
exactly), but hee is the idea.
smtpd_restriction_classes =
...
only_domain2_senders
smtpd_recipient_restrictions =
...
check_recipient hash:/path/recipient_access
only_domain2_senders =
check_sender_access hash:/etc/path/domain2_allowed_senders
reject
== recipient_access:
domain2.example only_domain2_senders
== domain2_allowed_senders:
domain2.example OK
With this, only senders in domain2.example can send to addresses in
domain2.example.
of course, users can forge their sender address to get around this. if
this is a concern, you'll need authentication and
reject_sender_login_mismatch.
|
|
|