|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Neil Williams (neil
limakilo.com)
Date: Sun Sep 02 2007 - 09:01:15 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The approach suggested by Noel works a treat.
Many thanks
Neil
Noel Jones wrote:
> At 01:38 PM 8/30/2007, Neil Williams wrote:
>> Dear postfix-users
>>
>> My Postfix server allows relaying by authenticated remote SMTP
>> clients, because main.cf has:
>>
>> smtpd_recipient_restrictions=permit_mynetworks,
>> permit_sasl_authenticated, reject_unauth_destination
>> smtpd_sasl_auth_enable=yes
>> smtpd_sasl_security_options=noanonymous
>>
>> This way all of the users (virtual mailbox owners) can set their MUA
>> to use my system as their outgoing server (if they supply a username
>> and password).
>>
>> What should I do if I would like to restrict this relaying access to
>> only a few users on the system?
>
> The simple way would be to replace "permit_sasl_authenticated" with a
> check_sender_access map.
> # main.cf
> smtpd_recipient_restrictions =
> permit_mynetworks
> check_sender_access hash:/etc/postfix/allowed_sasl_senders
> reject_unauth_destination
>
> # allowed_sasl_senders
> user1example.com permit_sasl_authenticated
> user2example.com permit_sasl_authenticated
>
> You may want to also restrict which authenticated users can use which
> login ID by using smtpd_sender_login_maps and
> reject_sender_login_mismatch. This would prevent user3example.com
> from sending mail claiming to be from user2example.com. This may or
> may not be needed in your environment.
>
--
Neil Williams BEng, PhD
LimaKilo Information Systems
15 Dunfermline Business Centre
Izatt Avenue
DUNFERMLINE
Fife KY11 3BZ
07976 852 467
neillimakilo.com
www.limakilo.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]