On 10/8/20 8:25 AM, Wietse Venema wrote:
Demi M. Obenour:On 10/6/20 4:23 PM, Wietse Venema wrote:If the feature is turned on then there should probably be a default action for users not listed in the table (deny or allow). Its not going to be pretty when only the numerical UID is avaialble (a 1:1 mapping username->sender would not make sense).What about defaulting to allow if local_sender_login_maps has its default value, and deny otherwise? That keeps the current default behavior, while still allowing administrators to lock it down.The action (deny) for unmatched users should not depend on the (non-empty) local_sender_login_maps value.
Should this be a configuration option? Alternatively, we could look up unknown UIDs as strings, perhaps prefixed with a character that is not valid in an email address. Other places in Postfix use "unknown" to mean something similar. We could also have local_sender_login_maps be empty by default, and have unmatched users be allowed by default if and only if it is empty.
Wietse
Demi
OpenPGP_0xB288B55FFF9C22C1.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
