Thanks for the response. > On Oct 3, 2016, at 9:44 AM, Viktor Dukhovni <[email protected]> > wrote: > > On Mon, Oct 03, 2016 at 11:35:54AM +0200, Niklaas Baudet von Gersdorff wrote: > >> For example, if I want to send email from [email protected] from my >> account [email protected], I'd need the following entry in >> smtpd_sender_login_maps: >> >> [email protected] [email protected] > > The table lookup key is a sender address, and the RHS is a list of > logins, so this example is backwards.
So if my smtp authenticated username is just say “joeuser” which is a local unix account on the server and the email address I’m using is [email protected], I would need joeuser [email protected] in smtpd_sender_login_maps? Does this make sense? Thank you -jeremy > >> If I use reject_sender_login_mismatch without the above entry, >> I am only allowed to send from [email protected] when using >> [email protected] as login. > > Provided that a suitable entry permits that: > > [email protected] [email protected] > > See http://www.postfix.org/SASL_README.html#server_sasl_authz > > The relevant restrictions are: > > 1. http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch > 2. > http://www.postfix.org/postconf.5.html#reject_authenticated_sender_login_mismatch > 3. > http://www.postfix.org/postconf.5.html#reject_unauth_sender_login_mismatch > 4. > http://www.postfix.org/postconf.5.html#reject_known_sender_login_mismatch > > 1. This requires a matching sender for all logged-in users, and a > matching login for all listed senders. This subsumes 2, 3 and 4. > > 2. This only applies the constraints in to authenticated users, > unauthenticated users are not restricted. This is the authenticated > user policy part of 1. > > 3. This prevents unauthenticated users from sending as listed > senders. Authenticated users are restricted. This is the > unauthenticated policy part of 1. > > 4. This restricts access only to listed sender addresses, in which > case a matching login is required. Anyone can send from an > unlisted sender address. This is the listed address policy > part of 1. > > -- > Viktor.
