Hi, Is there any solution that would define or whitelist as which sender can each of local system accounts send e-mail when using Postfix's sendmail binary?
I have a hosting server with PHP-FPM FastCGI server, each site on the server runs as one PHP-FPM process, each site has its own local user on the server. PHP is configured to use sendmail binary to send e-mails. This allows each site to send e-mails as any sender. AFAIK there is no way to distinguish later (after the e-mail has been queued) if a given site was "authorized" to send e-mails as that sender or not. I would like to achieve a state when a user trying to send e-mail as "wrong" not in a per-user whitelist of recipients/domains ends up in him receiving some permanent error. PHP has a configuration option to enforce sender to one particular e-mail address - that is not what I want, I would like a whitelist of sender e-mail addresses or preferable a whitelist of domains that a given system account can use as a (envelope) sender. Is there any way to achieve that using sendmail, without switching to SMTP protocol? With SMTP the whitelisting would be possible I guess but it would require me to create a database of accounts and passwords and to set them to all PHP-FPM users. Thanks! Ales Krajnik
