[EMAIL PROTECTED] schrieb:
Hi all
I can't reset his sals password.
What we want is let him send to our domain (he is phisicaly out of the
office), and let him to send outside (but all mails coming from this
person and goes to a diferent domain get defer)
So the user thinks he still can send outside mails, but those mails
never get deliver.
(we've got some nasty user doing nasty things)
I know i can achive this situation playing whit
smtp_sender_restrictions but it isn't to much clear to me right now.
thanks to all
On Fri, Sep 12, 2008 at 5:17 PM, Robert Schetterer
<[EMAIL PROTECTED]> wrote:
[EMAIL PROTECTED] schrieb:
Hello all.
I have got a situation where a user is autenticated against SASL to
let him send mails.
Now we want that this user is able to send only mails to our domain
and don't let him to send an email to a diferent doamin than ours.
is it posible ?
thanks.
simple disable or change his sasl password
or/and use an access map to reject by mailadress, ip whatever
seems best fitting
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
you may need advanced setup for that
first
matching his mailaddress ( make sure with sasl that he only can use
the one he is allowed to )
like this
smtpd_sender_restrictions = reject_unknown_sender_domain,
reject_non_fqdn_sender,
reject_unlisted_sender,
permit_mynetworks,
reject_authenticated_sender_login_mismatch,
permit_sasl_authenticated,
you need a additional table
smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps
/etc/postfix/sender_login_maps
[EMAIL PROTECTED] sasl_username
or if you want a sasl user may use all adresses from a domain
@address.de sasl_username
( but this is not what you want in this case but you might need it with
other users, as you need to have a match for all existing sasl users
by using the rule above )
after making sure this way that the sasl user cant only send
with specific mail from adresses
you create a table
like this matching this address
smtpd_recipient_restrictions =
...
check_sender_access hash:/etc/postfix/filterted_sender_access,
....
reject_unauth_destination,
...
with
/etc/postfix/filterted_sender_access
[EMAIL PROTECTED] smtpd_restriction_class i.e
[EMAIL PROTECTED] filtered_sender_to_our_domain_only
then in main cf
smtpd_restriction_class = filtered_sender_to_our_domain_only
filtered_sender_to_our_domain_only =
check_recipient_access
hash:/etc/postfix/recipient_access_to_our_domain_only,
check_recipient_access regexp:/etc/postfix/discard_all_mail.regexp,
permit
with
/etc/postfix/recipient_access_to_our_domain_only
ourdomain.de OK
and
/etc/postfix/discard_all_mail.regexp
/^/ DISCARD
i am not sure about discarding all the restmails maybe a filter to/or
redirect the mails would be better to have a look what your ugly user
does/mail , and i may have bugs in this
so some others from the list may have a more easy solutuion
or correct me
please next time use the list to progagate exactly what you trying to setup
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
