|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Robert Schetterer (robert
schetterer.org)
Date: Thu Jul 26 2007 - 06:41:55 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Robert Schetterer schrieb:
> Robert Schetterer schrieb:
>> Narancs schrieb:
>>> Ralf Hildebrandt wrote:
>>>> * Narancs <narancs3externet.hu>:
>>>>
>>>>> Dear All,
>>>>>
>>>>> We are running postfix 2.3.2 as an internet mail gateway like this:
>>>>>
>>>>> Internet <-> Mailgw <-> company M$ Exchange SMTP on private network.
>>>>>
>>>>> Due to a bug in MS systems, whenever a company local user sends an email
>>>>> to a non-existent other local user (user exists in the AD, but doesn't
>>>>> have a mailbox for some other reasons), then MSexch wants to send the
>>>>> email through the relay_host which is the mailgw. Mailgw decides to send
>>>>> back the mail to the exch as its transport table says so and a mail loop
>>>>> is created.
>>>>>
>>>> Simply give the relay a list of recipients and you're done.
>>>> relay_recipient_maps. See my book.
>>>>
>>>>
>>> Dear Ralf,
>>> Well we've got hundreds of users and the list cannot be maintained, as
>>> they are changing frequently.
>>> AD/LDAP lookup is neither an option, just as I wrote, the win domain
>>> user exists, but has never used his/her email so no mailbox is created.
>>> By default all users/employers are granted company email access due to
>>> the company policy, but a lot of technical/field engineers just never
>>> log in to the network, but when they're employed, their account is created.
>>> /so I need a solution that if the sender's (from:) and the recipient's
>>> domain is the same, and it's our domain, the email is to be discarded./
>>> It's like headers_check, but multi-line intelligence.
>>> Thank you
>>> N.
>> perhaps this would work
>> or equal
>
>> smtpd_client_restrictions = permit_sasl_authenticated,
>> permit_mynetworks,
>> check_client_access hash:/etc/postfix/client_access,
>
>
>> /etc/postfix/client_access
>
>> ex.change.server.ip reject_local_users
>
>> smtpd_restriction_classes = reject_local_users
>
>> reject_local_users = check_sender_access
>> hash:/etc/postfix/check_local_sender_access
>
>> /etc/postfix/check_local_sender_access
>> mydomain.tld DISCARD
>
>
> sorry this was nonsense you would never could sen any mail thsi way *g
> from yourdomain, but maybe you could some match with a pcre table
smtpd_client_restrictions = permit_sasl_authenticated,
permit_mynetworks,
check_client_access hash:/etc/postfix/client_access,
/etc/postfix/client_access
ex.change.server.ip reject_local_users
smtpd_restriction_classes = reject_local_users
reject_local_users = check_recipient_access
hash:/etc/postfix/check_local_recipient_access
/etc/postfix/check_local_recipient_access
mydomain.tld DISCARD
this should work
- --
Mit freundlichen Gruessen
Best Regards
Robert Schetterer
Germany/Bavaria/Munich
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGqIiDfGH2AvR16oERAvLIAJ92gZFvIyfJDr0PdiItXqmrTpo4AQCfdAHE
43kTVUFpZnqKpEuCLmpPD9E=
=jfS4
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]