On 02/07/2011 11:57 PM, Nikolaos Milas wrote:
I have parenthetically asked in another - solved - thread if postfix
offers the ability to control access to specific mail addresses using
as a key the authenticated usernames (and got no reply).
So, I am posting this as a new thread, hoping that someone has faced
this scenario.
The idea is: a user is trying to connect to our SMTP (postfix) to send
email to onemailaddr...@example.com (which we want to control access
to). He is authenticated by postfix as userx using SASL over our LDAP
server (we are using virtual accounts only). Can we setup some
"smtp_restriction_classes" based on authenticated usernames (for
example a check_client_access lookup table with entries of the form:
"userx OK", where userx is a successfully authenticated SMTP
username and not the sender's mail address username)?
Is there direct or indirect way to accomplish this? Is there a way to
"retrieve" the SMTP authentication username and process it?
I haven't been able to locate a similar subject in the documentation
(except of course permit_sasl_authenticated which applies to all SASL
authenticated users at the same time).
You can restrict the sender addresses an SASL authenticated user can use
with smtpd_sender_login_maps; these senders can then be combined with
specific recipients in a restriction class.
I know of no other way to limit SASL users in this specific manner.
Thanks very much,
Nick
