SOLVED Re: Restricting authorized email destinations for some users

From: Sylvain MEDEOT (symedeotyahoo.fr)
Date: Tue Oct 02 2007 - 01:18:15 CDT


mouss wrote:
> Sylvain MEDEOT wrote:
>> mouss wrote:
>>> Sylvain MEDEOT wrote:
>>>> Hi,
>>>>
>>>> I need to restrict some of my local mail accounts in order for them to be allowed to send
>>>> mails only to specific email addresses.
>>>>
>>>> accountmydomain.com => accountanotherdomain.com
>>>> => account2anotherdomain2.com
>>>> => *mydomain.com
>>>>
>>>> To do so, I was thinking about regexp in header_check but I am not sure that it is the
>>>> best way to do so.
>>>>
>>>> Can somebody on the list point me to the best way to do that ?
>>>>
>>> if you have few such "rules", then you can use restriction classes.
>>>
>>> if you want a more flexible way, then you can use a policy service as
>>> already suggested. I think apolicy does things like this. It may also be
>>> possible to setup a configuration based on Cami's policyd (sorry for the
>>> new maintainer, I'm too used to calling it like this), but I can't swear
>>> it;-p
>> Hi,
>>
>> I followed your suggestion and wrote a policy service.
>>
>> It works well with local users but I get a relay denied when my users try to send mails
>> outside our domain. Postfix is configured as follows :
>>
>> smtpd_recipient_restrictions is : = reject_unauth_destination check_policy_service
>> unix:private/policy
>>
>> Then if I change smtpd_recipient_restrictions to
>>
>> smtpd_recipient_restrictions is : = permit_mynetworks reject_unauth_destination
>> check_policy_service unix:private/policy
>>
>> ...but then any local user can send mail without the policy being checked...
>>
>
>
> put the policy check under smtpd_sender_restrictions and you're done.
>

Yes, it definitely works. Many thanks for your help and the help from the list.
Regards,
Sylvain
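
A minimal policy delegate of the kind discussed in this thread, added here as an example and not Sylvain's actual service: it reads the `name=value` request Postfix sends, and rejects a restricted sender who mails outside that sender's allow-list. The addresses in `ALLOWED` are constructed, and the code assumes the service is started by spawn(8) and called through `check_policy_service` under `smtpd_sender_restrictions` with the default `smtpd_delay_reject = yes`, so the recipient is already known when the check runs.

```python
import sys
from fnmatch import fnmatchcase

# Constructed sample policy: restricted sender -> recipient patterns it may mail.
# Senders not listed here are not restricted by this service.
ALLOWED = {
    "account@mydomain.example": [
        "account@anotherdomain.example",
        "account2@anotherdomain2.example",
        "*@mydomain.example",
    ],
}

def parse_request(lines):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in lines:
        line = line.rstrip("\r\n")
        if not line:
            break
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs

def decide(attrs, allowed=ALLOWED):
    """Return the Postfix action for this sender/recipient pair."""
    sender = attrs.get("sender", "").lower()
    recipient = attrs.get("recipient", "").lower()
    patterns = allowed.get(sender)
    if patterns is None:
        return "DUNNO"  # unrestricted sender: let later restrictions decide
    if not recipient:   # fail closed if called before RCPT TO is known
        return "DEFER_IF_PERMIT recipient not available to policy service"
    if any(fnmatchcase(recipient, p) for p in patterns):
        return "DUNNO"  # allowed pair: relay checks still apply afterwards
    return "REJECT sender not authorized to mail this recipient"

def serve(stdin=sys.stdin, stdout=sys.stdout):
    """Answer requests until Postfix closes the connection (spawn(8) style)."""
    while True:
        attrs = parse_request(iter(stdin.readline, ""))
        if not attrs:
            return
        stdout.write("action=%s\n\n" % decide(attrs))
        stdout.flush()

if __name__ == "__main__":
    serve()
```

The `sender` attribute is the envelope sender supplied by the client; for authenticated submissions, keying the table on the `sasl_username` attribute instead ties each rule to the logged-in account.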