Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: mouss (moussml.netoyen.net)
Date: Tue Jan 13 2009 - 14:40:07 CST
jeff_homeip a écrit :
> --- In postfixyahoogroups.com, Victor Duchovni <Victor.Duchovni...> wrote:
>>> Am I then correct in concluding that with:
>>> smtpd_sender_restrictions =
>> Observe that the order of the first two elements is not entirely
I hope you didn't miss this.
in your restrictions, reject_authenticated_* is useless, because
authenticated transactions have been permitted by permit_sasl_authenticated.
or did you mean reject_UNauthenticated_*?
> thank you for confirming, and allowing my still-growing knowledge of postfix to confirm
> your answers. this will help quite a lot!
to sum up:
- if fooexample.com can only be used by user 'foo', then use
- if fooexample.com must be authenticated (but you don't care who the
user is), then use reject_unauthenticated_*
- if fooexample.com can be used (without auth) OR (if auth'ed, the user
must be 'foo'), then use reject_authenticated_*.
<advanced> (skip if not confident...)
you can implement this on a per sender basis using a check_sender_access
with a map that returns one of the above depending on the sender.