On 11/07/2011 11:40, Damien Robinet wrote:
Hi Harald,
We have many agencies that can use our mail server.
Each agency has one or more domain name. They can add their domain in
our system to receive their emails professionals.
We have already limited the users who have the right to the domain
name in the system, but there are always "failures"...
The last example, a external agency computer has added the domain
"paypal.fr" in our system and have creating an e-mail (catchall).
He received all the messages that our employees have sent to paypal.fr ...
We monitor the domaines added to the system. But we can not monitor
employees who have the right to add domain names.
I am looking for a solution in the Postfix configuration to force it
to always send emails to the outside and not try to deliver them
locally.
You are trying to solve a social problem by technical means, which is
rarely effective. In this particular case, you have someone - either an
employee of your company, or a client - who has just committed a very
serious crime using your equipment. That's a matter for the police, not
Postfix.
If you really cannot technically prevent people adding domains that they
do not control, then you need to make it clear in your contracts - both
with your employees and your clients - that doing so is grounds for
instant termination. Otherwise, you are likely to find that you, too,
will be in trouble with the law.
On a more sensible note, the simplest technical solution is to have
separate mail servers for inbound and outbound mail. That way, someone
adding a domain they don't own to the inbound server won't have any
effect on outbound mail.
Mark
--
Sent from my Babbage Difference Engine
http://mark.goodge.co.uk
http://www.ratemyairport.com
