|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Glen Lee Edwards (gle
holiness.ch)
Date: Thu May 01 2008 - 08:36:07 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 2008-05-01 at 13:26 -0500, Noel Jones wrote:
> Glen Lee Edwards wrote:
> > Background:
> >
> > I'm trying to set up a local_only restriction class, but apparently am
> > doing something wrong. In the directions, it states the following:
> >
> > ************
> > Note: this scheme does not authenticate the user, and therefore it can
> > be bypassed in several ways:
> >
> > * By sending mail via a less restrictive mail relay host.
> >
> > * By sending mail as someone else who does have permission to send
> > mail to off-site destinations.
> > ************
> >
> > I'm guessing that it's failing due to the line, "By sending mail as
> > someone else..." Here's what I'm trying to do:
> >
> > I have no local users who need off site access. The only local user who
> > needs to send any mail at all is the apache web server, who is user
> > www.
> >
> > My goal: I want no off site deliveries of mail that originates from the
> > web server, so contact forms on web sites that I host that send out mail
> > must be sent so that the mail has to be delivered to a local POP3 box,
> > otherwise it must to be rejected by Postfix if addressed to any off site
> > destination.
> >
> > The problem: Mail is still being delivered off site even though I've set
> > up a local_user restriction class.
> >
> > The cause (I think): Mail is leaving here with the envelope sender being
> > wwwexample.com. The contact forms are rewriting the From: line to show
> > the address of the individual who is filling out the form. Is that my
> > problem? If so, is there a fix?
> >
>
> I would guess the problem is that your web server submits mail
> using the 'sendmail' command rather than through SMTP.
> Postfix smtpd_*_restrictions are only effective on mail
> submitted via SMTP.
Yes, that's correct. Is there a work around? I suppose I could change
the ownership of the 'sendmail' command so the webserver can't use it
and force everyone to use SMTP.
I keep getting black listed by AT&T, and I'm getting tired of it. I'm
trying to shut off all outgoing mail originating from here, and serious
limit the number of users who have forwarding addresses that accept off
site mail and forward said mail to off site locations.
Glen
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]