From: Andreas Winkelmann (mlawinkelmann.de)
Date: Sun Jun 04 2006 - 10:29:01 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Sunday 04 June 2006 17:14 schrieb Gaby vanhegan:

> I have SASL working and authenticating in postfix, and over SSL and
> TLS quite happily. I have had to go down the getpwent() route for
> user authentication, which effectively means that every account with
> a password in /etc/passwd can authenticate and send mail. I don't
> really want to use sasldb or an SQL backend, if avoidable.
>
> How can I limit this in postfix to a subset of these users? Can I do
> this:
>
> smtpd_client_restrictions = hash:/etc/postfix/relay_users, ...
>
> And then have a list of user names in /etc/postfix/relay_users that
> are allowed to relay? Can I limit the sasl authentication to only
> allow users who are in a given group?
>
> On my previous qmail setup, there was a poppasswd file that had
> username/passwords that were allowed to relay, and this was checked
> using checkpasswd, an external program. I suspect that I can use
> this with saslauthd, which would restrict the usernames more
> effectively, as well as provide CRAM-MD5 authentication, but the
> documentation for cyrus-sasl seems non-existant.
>
> I feel like I'm stumbling around in the dark here. Can anybody help?

http://www.postfix.org/RESTRICTION_CLASS_README.html#external

--
        Andreas

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]