Subject: Re: Frustration...
From: Craig Sanders (castaz.net.au)
Date: Wed Aug 02 2000 - 19:39:11 CDT


On Thu, Jul 27, 2000 at 09:22:17AM -0400, William Yodlowsky wrote:
> On Thu, 27 Jul 2000, Thomas Andres wrote:
>
> > > Right, but I wanted it to verify that it's a valid user... In
> > > other words, I can't send mail as doesntexist@mydomain.dom unless
> > > there's a user "doesntexist" in my passwd file.
> >
> > All you gain with this are unhappy users. If you take a look
> > at the header of this mail you will see, that the FROM address
> > (tandresvis.ethz.ch) is quite different from my actual mail address
> > here at work (andresergon.ch). And there are good reason for using
> > this address!
> >
> > On the other hand I also use the address thomas.andresergon.ch for
> > business mail, which is a valid alias and would be blocked by your
> > scheme.
>
> True. But we are a school, and policies come down from above. For
> instance, I would rather not have to deal with some student sending mail
> as <expletive@mydomain.dom> and the recipient bringing some kind of
> action against us.
>
> That's my main worry about _not_ being able to filter that out. I was
> considering using regexp's but that would mean I'd have to list every
> bad word in the book ;-)

IMO, it's not worth worrying about. but if you really want to do it,
you could write a script which read in /etc/passwd and /etc/aliases and
generated a map file called, say, "validusers" with lines like:

        user1@your.domain OK
        user2@your.domain OK
        user3@your.domain OK
        .
        .
        .
        your.domain REJECT

then use it in smtpd_recipient_restrictions like so:

        check_sender_access hash:/etc/postfix/validusers

it shouldn't take more than 20 or 30 lines of perl to do this....all you
have to do is extract the first field (":" delimited) from the passwd
and aliases files and output it in the right format, and run postmap to
create the hashed db.

just remember to run the script whenever you add or delete a user from
/etc/passwd or /etc/aliases. a Makefile is useful for automating this
kind of thing - get into the habit of editing whatever and then just
running 'make'.

note: the above idea is untested. it might even work. experiment until
it does :)

craig

--
craig sanders
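
The map-generation script described in the message above, written in Python rather than the Perl it suggests, as an added example that is not part of the original post. The function names, the sample data and the command-line usage are assumptions; the handling of comments, alias continuation lines and NIS `+`/`-` entries goes beyond what the post spells out.

```python
#!/usr/bin/env python3
"""Build a Postfix check_sender_access map from passwd and aliases data."""
import sys

# Constructed sample input, not taken from any real system.
SAMPLE_PASSWD = (
    "root:x:0:0:root:/root:/bin/sh\n"
    "alice:x:1000:1000::/home/alice:/bin/sh\n"
    "+::::::\n"
)
SAMPLE_ALIASES = "# constructed\npostmaster: root\nStaff: alice,\n\tbob\n"


def local_names(text, is_aliases=False):
    """Yield the first ':'-delimited field of each entry, lowercased."""
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank line or comment
        if is_aliases and line[0] in " \t":
            continue  # aliases(5): an indented line continues the previous entry
        if ":" not in line:
            continue  # malformed entry
        name = line.split(":", 1)[0].strip().strip('"').lower()
        # Skip NIS compat markers (+/-) and names that would yield a
        # malformed lookup key (embedded whitespace or '@').
        if not name or name[0] in "+-" or any(c in name for c in " \t@"):
            continue
        yield name


def build_sender_map(passwd_text, aliases_text, domain):
    """Return 'user@domain OK' for every name, then 'domain REJECT'."""
    domain = domain.lower()
    names = set(local_names(passwd_text))
    names.update(local_names(aliases_text, is_aliases=True))
    lines = [f"{name}@{domain} OK" for name in sorted(names)]
    lines.append(f"{domain} REJECT")  # any other sender in the domain
    return lines


if __name__ == "__main__":
    # Assumed usage: validusers.py your.domain > /etc/postfix/validusers
    # followed by:   postmap hash:/etc/postfix/validusers
    domain = sys.argv[1] if len(sys.argv) > 1 else "your.domain"
    with open("/etc/passwd") as pw, open("/etc/aliases") as al:
        print("\n".join(build_sender_map(pw.read(), al.read(), domain)))
```

Because the first field of /etc/passwd includes system accounts such as root, the generated map also permits those names as senders unless they are filtered out.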