I am expecting the first match to be the final rule. I want anyone at @other-domain to be able to email any of my local users, so the first rule is:
check_sender_access will allow all emails from "@other-domain" /^...@other-domain\.com$/ OK If that rule is true, I want the mail to be delivered. If that rule is false, then the sender must be a local user. I only want local users to be able to email people at "@otherdomain", so the second rule is check_recipient_access will allow all emails to "@other-domain" /^...@other-domain\.com$/ OK If that rule is true, the email is sent from the local user to the user at "@other-domain". If that rule is false, the third rule will reject everything check_recipient_access will reject all other emails /.*/ REJECT I'm not sure why I need restriction classes, but then I'm also not sure why this isn't working. I will read up on restriction classes, but I though the above should have worked. On Wed, Mar 25, 2009 at 2:32 PM, Jussi Silvennoinen <[email protected]> wrote: >> I want my local users to only be able to send and receive emails from >> users on another mail server, I do not want local users to be able to >> email eachother. I have not been able to prevent local users from >> emailing eahcother. It seems my check_recipient_access is not working. >> >> My logic is as follows: >> check_sender_access will allow all emails from "@other-domain" >> check_recipient_access will allow all emails to "@other-domain" >> check_recipient_access will reject all other emails >> >> Does this look correct? >> >> >> ----------------------------------------------------- >> main.cf >> ----------------------------------------------------- >> >> .. >> relayhost = 192.168.1.5 >> .. >> smtpd_recipient_restrictions = >> check_sender_access regexp:/etc/postfix/check_sender_access.regexp, >> check_recipient_access regexp:/etc/postfix/check_recipient_access.regexp, >> check_relay_domains, >> reject_unauth_destination >> >> ----------------------------------------------------- >> /etc/postfix/check_sender_access.regexp contents: >> ----------------------------------------------------- >> >> /^...@other-domain\.com$/ OK >> >> ----------------------------------------------------- >> /etc/postfix/check_recipient_access.regexp contents: >> ----------------------------------------------------- >> >> /^...@other-domain\.com$/ OK >> /.*/ REJECT > > First, those regexp's are expensive. Just /@other\-domain\.com$/ will do. > Second, using the OK action in accessmaps will stop all rule processing > after a match. You need to use restriction classes to achieve what you need. > > -- > > Jussi > > _______________________________________________ > rhelv5-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/rhelv5-list > _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
