On Tue, Jul 02, 2002 at 09:29:14AM +0200, Frank Bonnet wrote:

> I try to restrict the
> mail from:<anyuseresiee.fr>
> field to "real" logins and aliases for INTERNAL smtp connections
> ( in our IP address range )

Yes. We do this here as well.

> If by example, the address : anybozoesiee.fr
> have no login or aliases then reject/discard the smtp connection

Yep.

> I know this will not stop 100% internal spam but
> it will slow down it.

Oh yes.

So how do we do it:
smtpd_recipient_restrictions =
   permit_mynetworks
   check_client_access btree:/etc/postfix/client_checks
   reject_unauth_destination
   permit

# mynetworks is really small in that case!
   
smtpd_restriction_classes =
   verify_sender

verify_sender =
   check_sender_access btree:/etc/postfix/valid_charite_senders
   check_sender_access pcre:/etc/postfix/reject

in /etc/postfix/client_checks:

internal.net.work.ip verify_sender
anotherinternal.net.work.ip verify_sender

and in /etc/postfix/reject:

/./ 554 Please use a valid charite.de Address!

-- 
Ralf Hildebrandt (Im Auftrag des Referat V A)   Ralf.Hildebrandtcharite.de
Charite Campus Virchow-Klinikum                 Tel.  +49 (0)30-450 570-155
Referat V A - Kommunikationsnetze -             Fax.  +49 (0)30-450 570-916
Vampireware /n/, a project, capable of sucking the lifeblood out of
anyone unfortunate enough to be assigned to it, which never actually
sees the light of day, but nonetheless refuses to die.
-
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]