|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Postfix spam control from trusted IPs in mynetworks
From: Tony Earnshaw (tonye
billy.demon.nl)
Date: Fri Jan 02 2004 - 04:17:02 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
fre, 02.01.2004 kl. 08.01 skrev Radha V:
> The client IPs (trusted IPs) which are specified in mynetworks should
> not
> be allowed to send mail with FROM address other than the domains
> specified in relaydomains file. This restriction should apply only for
> the
> IPs in mynetworks. That is
>
> If a mail from yahoo/hotmail to any domain in the relaydomains file,then
> it should go through.
[...]
> Plz suggest ways to implement this kind of restriction.
Definitely. I don't trust my users further than I can spit. Using
Postfix November snapshot I use the following policy:
1: All smtp-authenticated users may relay from anywhere on $mynetworks
or the Internet;
2: No non smtp-authenticated user may relay;
3: smtp-authenticated users may not change their e-mail address (realm)
once authenticated. Exceptions are made for groups to which those users
belong (i.e. tonyemydomain.tld is member of the Posix group
supportmydomain.tld, so he may use support's address to mail with).
So, my suggestion would be smtp AUTH. Lets through all Internet mail
unhindered, whilst it prevents internal spammers and pranksters.
--Tonni
--
mail: billy - at - billy.demon.nl
http://www.billy.demon.nl
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]