Subject: RE: Restricting users to local delivery only
From: Michael Phillips (mike.phillipsieionline.com)
Date: Wed Nov 01 2000 - 07:33:15 CST


My amended /etc/postfix/main.cf:

smtpd_sender_restrictions =
        hash:/etc/postfix/restricted_senders, reject
restriction_classes = local_only
local_only = check_recipient_access hash:/etc/postfix/local_domains, reject

Ok, tried this and here's the log excerpts for an attempt to send from the
test account to an account that is non-local to our domain:

Nov 1 07:18:28 ponyexpress postfix/smtpd[2472]: connect from rangi.ieionline.com[192.168.4.136]
Nov 1 07:18:29 ponyexpress postfix/smtpd[2472]: 0860A50002: client=rangi.ieionline.com[192.168.4.136]
Nov 1 07:18:29 ponyexpress postfix/smtpd[2472]: warning: unknown smtpd restriction: "local_only"
Nov 1 07:18:29 ponyexpress postfix/cleanup[2473]: 0860A50002: message-id=<LPBBKDKPOGDDBCGILKOHGEOJDHAA.mikeieionline.com>
Nov 1 07:18:29 ponyexpress postfix/qmgr[2470]: 0860A50002: from=<mikeieionline.com>, size=1166 (queue active)
Nov 1 07:18:29 ponyexpress postfix/smtpd[2472]: disconnect from rangi.ieionline.com[192.168.4.136]
Nov 1 07:18:29 ponyexpress postfix/smtp[2475]: 0860A50002: to=<mikecoosavalley.net>, relay=creek.coosavalley.net[207.230.68.5], delay=0, status=sent (250 HAA21637 Message accepted for delivery)

Nov 1 07:25:15 ponyexpress postfix/smtpd[2493]: connect from rangi.ieionline.com[192.168.4.136]
Nov 1 07:25:16 ponyexpress postfix/smtpd[2493]: 1B84A50002: client=rangi.ieionline.com[192.168.4.136]
Nov 1 07:25:16 ponyexpress postfix/smtpd[2493]: warning: unknown smtpd restriction: "local_only"
Nov 1 07:25:16 ponyexpress postfix/smtpd[2493]: reject: RCPT from rangi.ieionline.com[192.168.4.136]: 554 <mikeieionline.com>: Sender address rejected: Access denied; from=<mikeieionline.com> to=<mikecoosavalley.net>
Nov 1 07:25:21 ponyexpress postfix/smtpd[2493]: 43F7750002: client=rangi.ieionline.com[192.168.4.136]
Nov 1 07:25:21 ponyexpress postfix/smtpd[2493]: warning: unknown smtpd restriction: "local_only"
Nov 1 07:25:21 ponyexpress postfix/smtpd[2493]: reject: RCPT from rangi.ieionline.com[192.168.4.136]: 554 <mikeieionline.com>: Sender address rejected: Access denied; from=<mikeieionline.com> to=<mikeieionline.com>
Nov 1 07:25:26 ponyexpress postfix/smtpd[2493]: disconnect from rangi.ieionline.com[192.168.4.136]

If I have the "reject" on the smtpd_sender_restrictions line, ALL mail is
refused with an error code 554. If I change the "reject" to a "permit" ALL
mail is allowed....arrgggghhhhh...

Why is the warning: unknown smtpd restriction: "local_only" showing up in
the logs?

Ever feel that you were on the verge of solving a problem? :-)

Thanks!

Mike

> -----Original Message-----
> From: owner-postfix-userspostfix.org
> [mailto:owner-postfix-userspostfix.org]On Behalf Of Ralf Hildebrandt
> Sent: Wednesday, November 01, 2000 2:44 AM
> To: Michael Phillips
> Cc: postfix-userspostfix.org
> Subject: Re: Restricting users to local delivery only
>
>
> Michael Phillips wrote:
> >
>
> > I am new to postfix and am attempting to get my system setup to restrict
> > *some* users to local delivery while allowing other users the ability to
> > access off-site destinations. I have read the FAQ concerning this and, quite
> > frankly am stumped:
>
> You need to use the restriction_classes mechanism.
>
> > In /etc/postfix/main.cf:
> >
> > smtpd_recipient_restrictions =
> > hash:/etc/postfix/restricted_senders
>
> that must be smtpd_SENDER_restrictions, because you want to make
> decisions based on the SENDER of the email.
> Don't you need a permit or reject behind those?
> (As a default policy)
>
> > restriction_classes = local_only
> > local_only = hash:/etc/postfix/local_domains, reject
>
> What are you trying to restrict there? You're implying too much, try:
> local_only = check_recipient_access hash:/etc/postfix/local_domains, reject
>
> > in /etc/postfix/restricted_senders:
> >
> > testieionline.com local_only
> >
> > in /etc/postfix/local_domains:
> >
> > ieionline.com OK
> >
> > I have created the hashed map files using postmap hash:<filename> and then
> > performed a postfix reload. All test messages are delivered, including off
> > site destinations. Is there a HOWTO on this or can someone provide a clearer
> > example?
>
>
> --
> Ralf Hildebrandt innominate AG
> Dipl.-Inform. the networking people