On 2/12/2010 5:27 AM, Неворотин Вадим wrote:
Ok, well, now I decide not to allow connections not from my internal
network. But I was really surprised that I can't fully operate with
different clients identification information.
Where can I write "feature request"?))) It will be good to add state
values (something like $is_from_mynetwork, $is_sasl_authenticated,
$has_valid_certificate and so on) to Postfix configuration, and add
ability to use logical operations with this variables to decide permit,
reject, defer etc.
Something like:
smtpd_recipient_restrictions =
is_from_mynetwork AND is_sasl_aithenticated THEN permit
reject_unauth_destination
smtpd_sender_restrictions =
permit_sasl_authenticated
reject_unauth_destination
smtpd_recipient_restrictions =
permit_mynetworks
reject_unauth_destination
If this is an MSA only, replace reject_unauth_destination with
reject.
Duh.
-- Noel Jones
