|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Maybe design error in lookup mechanism
From: Victor Duchovni (Victor.Duchovni
MorganStanley.com)
Date: Wed Mar 02 2005 - 09:24:40 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, Mar 02, 2005 at 04:46:06PM +0200, Michaylov Michael wrote:
> [Description]
>
> Access should be distributed between those "vtg.com.ua" domain users,
> who can send mail over domain boundaries and those who can send mail
> only within domain boundaries.
>
> [Realization]
>
> smtpd_restriction_classes = local, remote
>
> local = check_recipient_access pcre:/usr/local/etc/postfix/maps/local
> remote = check_recipient_access pcre:/usr/local/etc/postfix/maps/remote
>
> /usr/local/etc/postfix/maps/local has:
> /vtg.com.ua/ OK
> /.*/ REJECT local account
>
> /usr/local/etc/postfix/maps/remote has:
> /.*/ OK
>
> smtpd_recipient_restrictions =
> check_sender_access ldap:/usr/local/etc/postfix/sender.cf,
> local,
> reject
>
Stop right there and go back to basics. Read books, online docs, list
archives, ... until you understand restrictions a lot better. This
is wrong on so many levels it is hard to know where to start.
http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt
http://www.postfix.org/SMTPD_ACCESS_README.html
http://www.postfix.org/RESTRICTION_CLASS_README.html
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majordomopostfix.org?body=unsubscribe%20postfix-users>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]