Prev-20 Home Next-20 2 msg SQL query as alias Mailfrom restriction and SASL clients \ tonio (30 May 2007) . \ mouss (30 May 2007) . . \ tonio (30 May 2007) 4 msg How to inform outside users that domain soon wi... 31 msg ASSP and NOOP 9 msg Double restrictions for SMTP Authen question ? 5 msg Resend 'virus' mails 3 msg message_size_limit exceptions 53 msg about greylist.pl and alternatives 7 msg failing to send a large mail 1 msg Re: Another weird cert question 2 msg Restrict sending to one address from one IP? 6 msg Forcing PIX workarounds? 4 msg header checks are not working 9 msg recipient_delimiter 3 msg Documenting alias expansion in mails 5 msg Domain Change Notification 4 msg How to do a defer_if_permit with a SMTP code 451? 4 msg virtual: mbox fine, maildir generates 'fatal: g... 5 msg Multiple relays and rate control with anvil 19 msg 550 Prev-20 Home Next-20

Prev-Msg Prev-Thread Postfix-users May-2007 Next-Thread Next-Msg Subject: Re: Mailfrom restriction and SASL clients Group: Postfix-users From: tonio Date: 30 May 2007 Thx for your answer. I will try it Tonio Le mercredi 30 mai 2007 à 19:59 +0200, mouss a écrit : > tonio wrote: > > Hello, > > i'm trying to set a restriction on senders in my network: > > they have to use exclusively our domains in their mailfrom. > > > > for this purpose i've set this restriction, found on Ralf > > Hildebrandt's website: > > > > main.cf : > > > > mynetworks = 127.0.0.0/8 > > > > smtpd_restriction_classes = > > has_our_domain_as_sender > > > > has_our_domain_as_sender = > > check_sender_access hash:/etc/postfix/our_domain_as_sender reject > > > > smtpd_recipient_restrictions = > > check_client_access hash:/etc/postfix/internal_networks > > check_sender_access hash:/etc/postfix/not_our_domain_as_sender > > permit_sasl_authenticated > > permit_mynetworks > > reject_unauth_destination > > .... > > ... other spam checks ... > > permit > > > > > > > > /etc/postfix/internal_networks : > > > > 192.168.1 has_our_domain_as_sender > > > > > > /etc/postfix/our_domain_as_sender : > > domaine.com OK > > <> OK > > > > > > /etc/postfix/not_our_domain_as_sender : > > > > domaine.com 554 You are not from here > > > > > > > > It's working for internal clients, but i've a problem with external > > users authentified by SASL: they CANT send a message with our domain > > in the mailfrom. > > > > so i've tried to set something like this: > > > > smtpd_recipient_restrictions = > > check_client_access hash:/etc/postfix/internal_networks, > > permit_sasl_authenticated, > > check_sender_access hash:/etc/postfix/not_our_domain_as_sender, > > permit_mynetworks > > reject_unauth_destination > > .... > > ... other spam checks ... > > permit > > > > > > Now SASL users can send a message with our domain in the mailfrom, but > > they can also send one with any domain into ! (so the restriction is > > bypassed) > > > > I understand why but i cant found a way to solve this problem. > > > > How can i check the mailfrom from internal AND sasl clients ? > > > http://www.postfix.org/postconf.5.html#reject_authenticated_sender_login_mismatc h > Prev-Msg Prev-Thread Postfix-users May-2007 Next-Thread Next-Msg

© 2004-2008 readlist.com