LDAP smtpd_recipient_restrictions
\ James Wilson (23 Sep 2007)
. \ (Wietse Venema) (23 Sep 2007)
. . \ James Wilson (27 Sep 2007)
. . . \ James Wilson (29 Sep 2007)
. . . . \ mouss (1 Oct 2007)
. . . . . \ James Wilson (1 Oct 2007)
. . . . . . \ mouss (1 Oct 2007)

Subject:LDAP smtpd_recipient_restrictions
Group:Postfix-users
From:James Wilson
Date:23 Sep 2007


 
Hi All,

I have basic mailing lists configured via postfix and LDAP. I have
restrictions in place for some lists to allow / disallow external
users from mailing the list, which works fine. Recently a request
from the powers that be requires this to be locked down further.
Essentially, they want to stop members of a different domain from
emailing a list; I know this is easily spoofed, but hey. For
example, year1 can email year2, but
year1 cannot. I've followed:

http://www.postfix.org/RESTRICTION_CLASS_README.html

And have successfully implemented with flat files for a single list.
When transferring this to LDAP lookups, I consistently get "554 5.7.1
<year1>: Recipient address rejected: Access denied;"
from any domain, including the domain to which the list belongs.

The following are the smtpd_recipient_restrictions and
smtpd_restriction_classes along with the LDAP lookups.

main.cf:

smtpd_recipient_restrictions =
    check_recipient_access proxy:ldap:ldapprotected_destinations,
    permit_mynetworks,
    reject_unauth_destination
smtpd_restriction_classes = insiders_only
insiders_only = check_sender_access proxy:ldap:ldaplist_domain, reject

ldapprotected_destinations_query_filter =
    (&(listOwner=%s)(accessibility=school)(accountStatus=active))
ldapprotected_destinations_result_attribute = listOwner
ldapprotected_destinations_result_filter = insiders_only
ldapprotected_destinations_bind = yes
ldapprotected_destinations_timeout = 50

ldaplist_domain_query_filter =
    (&(listOwner=%s)(accessibility=school)(accountStatus=active))
ldaplist_domain_result_attribute = relayDomain
ldaplist_domain_result_filter = OK
ldaplist_domain_bind = yes
ldaplist_domain_timeout = 50

The LDAP entry is as follows:

dn: cn=Year 1,ou=example,o=list,dc=sch,dc=uk
cn: Year 1
fqGroupName: Year 1
leaverGroup: no
edportDisplay: no
objectClass: groupOfNames
objectClass: top
listOwner: year1
type: Reserved Group
description: Year 1
accountStatus: active
member: cn=james wilson.test,ou=example,o=schools,dc=sch,dc=uk
accessibility: school
relayDomain: example.sch.uk

Can anyone assist?

I have no control over why this isn't done via a purpose built
mailing lists manager, so please don't berate me.

Thanks,

James



---
http://www.silent-system.net/gallery
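The insiders_only class in the post above, traced by hand as an added example (this is not code from the post, from the thread's replies, or from Postfix itself). It re-implements two documented behaviours in plain Python: the key sequence access(5) tries for an address-keyed lookup (user@domain, domain, parent domains, user@) and the %s/%u/%d expansion of an ldap_table(5) query_filter, then runs the posted ldaplist_domain filter against an in-memory copy of the posted LDAP entry. The directory, the sender addresses and the second table keyed on relayDomain are constructed for comparison and are assumptions of the example, not a fix taken from the thread.

```python
"""Model of check_sender_access over an ldap_table(5) lookup.

Added example, not from the original post or from Postfix. Re-implements
the access(5) key sequence and ldap_table(5) %s/%u/%d expansion, then
evaluates the posted insiders_only class against constructed data.
"""
import re

# Constructed in-memory copy of the attributes the posted filters use.
DIRECTORY = [{
    "dn": "cn=Year 1,ou=example,o=list,dc=sch,dc=uk",
    "listOwner": "year1",
    "accessibility": "school",
    "accountStatus": "active",
    "relayDomain": "example.sch.uk",
}]

# The insiders_only lookup exactly as posted (ldaplist_domain_* parameters).
POSTED = {
    "query_filter": "(&(listOwner=%s)(accessibility=school)(accountStatus=active))",
    "result_attribute": "relayDomain",
    "result_filter": "OK",
}
# Assumed alternative for comparison (not taken from the thread): the same
# table keyed on relayDomain, which the sender's domain key can match.
BY_DOMAIN = dict(POSTED,
    query_filter="(&(relayDomain=%s)(accessibility=school)(accountStatus=active))")


def access_map_keys(address):
    """Keys access(5) tries for an address, in order. Parent domains are
    tried without a leading dot because smtpd_access_maps is in the
    default parent_domain_matches_subdomains."""
    if "@" not in address:
        return [address.lower()]
    user, domain = address.lower().rsplit("@", 1)
    labels = domain.split(".")
    parents = [".".join(labels[i:]) for i in range(1, len(labels))]
    return [f"{user}@{domain}", domain, *parents, f"{user}@"]


def expand_query_filter(template, key):
    """%s = whole key, %u = local part (whole key if no '@'), %d = domain
    part; %d with no domain part suppresses the query (returns None).
    Filter metacharacters in the key are hex-escaped per RFC 4515."""
    user, _, domain = key.partition("@")
    if "%d" in template and not domain:
        return None
    esc = lambda v: re.sub(r"[*()\\\x00]", lambda m: "\\%02x" % ord(m.group()), v)
    return (template.replace("%s", esc(key))
                    .replace("%u", esc(user)).replace("%d", esc(domain)))


def parse_filter(text):
    """Minimal RFC 4515 parser: (&...), (|...), (!...) and attr=value."""
    pos = 0
    def node():
        nonlocal pos
        if text[pos] != "(":
            raise ValueError(f"expected '(' at {pos}")
        pos += 1
        if text[pos] in "&|!":
            op, pos = text[pos], pos + 1
            kids = []
            while text[pos] == "(":
                kids.append(node())
            if text[pos] != ")":
                raise ValueError(f"expected ')' at {pos}")
            pos += 1
            return (op, kids)
        end = text.index(")", pos)
        attr, _, value = text[pos:end].partition("=")
        pos = end + 1
        return ("=", attr, value)
    tree = node()
    if pos != len(text):
        raise ValueError("trailing data after filter")
    return tree


def matches(node, entry):
    """Evaluate a parsed filter; names and values compare case-insensitively
    (caseIgnoreMatch) after undoing hex escapes in the value."""
    if node[0] == "=":
        _, attr, value = node
        value = re.sub(r"\\([0-9a-f]{2})", lambda m: chr(int(m.group(1), 16)), value)
        actual = next((v for k, v in entry.items() if k.lower() == attr.lower()), None)
        return actual is not None and actual.lower() == value.lower()
    if node[0] == "&":
        return all(matches(k, entry) for k in node[1])
    if node[0] == "|":
        return any(matches(k, entry) for k in node[1])
    return not matches(node[1][0], entry)


def ldap_lookup(table, key):
    """One lookup: expand, search, return result_filter with %s replaced by
    the result_attribute value, or None when nothing matches."""
    query = expand_query_filter(table["query_filter"], key)
    if query is None:
        return None
    tree = parse_filter(query)
    for entry in DIRECTORY:
        if matches(tree, entry):
            return table["result_filter"].replace("%s", entry.get(table["result_attribute"], ""))
    return None


def check_sender_access(table, sender):
    """Try each access(5) key in turn; the first hit wins, as in Postfix."""
    for key in access_map_keys(sender):
        result = ldap_lookup(table, key)
        if result is not None:
            return key, result
    return None, None


def insiders_only(table, sender):
    """insiders_only = check_sender_access proxy:ldap:<table>, reject"""
    key, result = check_sender_access(table, sender)
    if result == "OK":
        return f"OK (matched key {key!r})"
    return "554 5.7.1 Recipient address rejected: Access denied"
```

Running check_sender_access(POSTED, "james@example.sch.uk") shows why the posted class rejects everyone: the keys derived from a sender address are the full address, its domain, the parent domains and user@, and none of them is the string "year1" held in listOwner, so the lookup never returns OK and the class falls through to reject. With the relayDomain-keyed table the domain key "example.sch.uk" matches, including for senders in subdomains. Either way, check_sender_access decides on the envelope MAIL FROM, which any client can set; as the post already notes, this is a policy nicety, not an authentication boundary, and real enforcement needs something the sender cannot forge (SMTP AUTH, client network, or an SPF/DKIM policy check).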




© 2004-2008 readlist.com