OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Kelly Sauke (ksauke_at_fastenal.com)
Date: Tue Oct 01 2002 - 16:25:46 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    For those of you that might be curious, I managed to get this done using
    only postfix by taking a different approach to it. I didn't use
    /etc/aliases at all (except to define the lists).

    Here is the config that I used to do what I wanted.

    #Sending Controls for Lists
    smtpd_restriction_classes =
             may_use_lists,
             may_not_use_lists

    smtpd_recipient_restrictions =
            check_sender_access hash:/etc/postfix/policy_for_senders,
            permit_mynetworks,
            permit_mx_backup,
            reject_unauth_destination,
            check_relay_domains

    may_use_lists =
             permit
             #allow ANY mail

    may_not_use_lists =
             check_recipient_access hash:/etc/postfix/disallowed_recipients
            permit

    policy_for_senders file:

    allowed_to_sendfastenal.com may_use_lists
    * may_not_use_lists

    disallowed_recipients file:
    list1servername.fastenal.com REJECT

    This config works for what I was needing...maybe I wasn't making myself
    clear on what I was looking for. Now, the only question I have is what
    is the ramification of having the definition of may_use_lists = permit?
      Is that going to make me an open-relay as configured?

    KS

    Craig Sanders wrote:
    > On Thu, Sep 19, 2002 at 03:07:51PM -0500, Kelly Sauke wrote:
    >
    >>I've scoured the docs and online archives and haven't really found the
    >>info I'm looking for so I thought I would post. How does one allow
    >>for local delivery of an email through a script running out of
    >>/etc/aliases. Namely, I have a distribution list of all local
    >>accounts in my /etc/aliases. This list has to have security on it to
    >>only allow certain addresses to send to it.
    >
    >
    > you want a mailing list manager (such as majordomo, ecartis, mailman,
    > courier-mlm, and many others). install one and create a list with
    > closed subscription and closed posting (i.e. only the moderator and/or
    > members may post).
    >
    > you could write your own script to do the above but then you'd only be
    > reinventing the wheel.
    >
    > BTW, unless you have tens or hundreds of thousands of subscribers, it
    > really doesn't matter which list manager you use, they're all capable of
    > handling small-medium sized lists without trouble. i'd personally
    > recommend either ecartis or mailman as being good, modern mailing list
    > managers.
    >
    > craig
    >

    -
    To unsubscribe, send mail to majordomopostfix.org with content
    (not subject): unsubscribe postfix-users