Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Victor Duchovni (Victor.Duchovnimorganstanley.com)
Date: Tue Jun 09 2009 - 15:14:36 CDT
On Tue, Jun 09, 2009 at 08:32:40PM +0200, Magnus B?ck wrote:
> > The clients mail-servers connect to our postfix servers , authenticate
> > using a client-accountid and send the messages.
> > I would like to restrict the from domains for every client.(Mainly to
> > prevent inadvertent spam outbreaks)
This will prevent forgery of "owned" addresses, but will not restrict
senders from choosing an "unowned" address. For that, one also needs an
access table, that limits senders to use one of the owned addresses.
# Only suitable for MSA systems, DO NOT DO this on inbound MX hosts
# MUST return OK for owned addresses, also allow "<>" if some
# of the MSA clients are MTAs for a set of domains, and can
# send bounces. Of course, MTAs can also forward email, which
# without SRS or other similar pain, will be rejected!
# This table lists the same addresses as sender_login_maps, with
# an RHS of "OK" instead of a list of login names.
# rejects remaining sender addresses.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.