wietseporcupine.org

• Next message: Andy Walden: "virtual_maps"
• Previous message: Kevin Hemenway: "Compatibility Question (simple one, I think)..."
• In reply to: Ralf Hildebrandt: "MLM's and restriction classes"
• Reply: Wietse Venema: "Re: MLM's and restriction classes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ralf Hildebrandt:
> A basic problem (I think):
>
> If I run a mailing-list, I can use:
>
> smtpd_restriction_classes = UNI-INTERN, LOCALHOST
> UNI-INTERN = check_client_access dbm:$config_directory/uni-intern,
> reject
> LOCALHOST = check_client_access dbm:$config_directory/localhost,
> reject
>
> to restrict access via SMTP (right?) to certain recipients:
>
> smtpd_recipient_restrictions =
> ... other ...
> check_recipient_access regexp:$config_directory/recipient_checks.regexp
> ... other ...
>
> It works so far. Now the question:
>
> Can these restriction be bypassed by injecting messages into the
> mail-system using Postfix's "sendmail"-command?

Absolutely. Restrictions implemented by the SMTP server are not
applied to mail that enters Postfix via other paths. The SMTPD
restrictions started as a temporary solution to get things going.

> My idea is to restrict posting to majordomo-driven mailinglists to the
> majordomo binary running on the mailserver, thus preventing spamming.

Not sure what you are getting at. If you have a majordomo-owned
alias table with the liast aliases in it, then Postfix will read
the :include: file with majordomo privileges. Perhaps that helps.

        Wietse

• Next message: Andy Walden: "virtual_maps"
• Previous message: Kevin Hemenway: "Compatibility Question (simple one, I think)..."
• In reply to: Ralf Hildebrandt: "MLM's and restriction classes"
• Reply: Wietse Venema: "Re: MLM's and restriction classes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]