Sender restrictions
in [Postfix]
|
From: =?UTF-8?Q?Andr=C3=A9s_Gattinoni?= on 23 Jul 2010 18:44 Hi guys, I have the following question: Is it possible to restrict some virtual accounts from sending emails through my Postfix? I have Postfix 2.3.3 running on a box with several virtual accounts. I want to prevent some of them from sending emails (I just want them to be able to receive). How could I do this? I've been reading about smtpd_client_restrictions but I don't know if I can do a login-based restriction. BTW, I'm using Dovecot's SASL authentication. Thanks! Andrés
From: Jeroen Geilman on 23 Jul 2010 19:31 On 07/24/2010 12:44 AM, Andrés Gattinoni wrote: > Hi guys, I have the following question: > > Is it possible to restrict some virtual accounts from sending emails > through my Postfix? > What does "through" mean ? If you mean FROM an address that is in your virtual_*_maps, then no, not trivially. > I have Postfix 2.3.3 running on a box with several virtual accounts. I > That's very old. > want to prevent some of them from sending emails (I just want them to > be able to receive). > How could I do this? > With a check_sender_access restriction in smtpd_recipient_restrictions. > I've been reading about smtpd_client_restrictions but I don't know if > I can do a login-based restriction. > What does login have to do with it ? > BTW, I'm using Dovecot's SASL authentication. > That's not directly related to what you asked. > Thanks! > > Andrés >
From: =?UTF-8?Q?Andr=C3=A9s_Gattinoni?= on 23 Jul 2010 19:42 On Fri, Jul 23, 2010 at 8:31 PM, Jeroen Geilman <jeroen(a)adaptr.nl> wrote: > On 07/24/2010 12:44 AM, Andrés Gattinoni wrote: >> >> Hi guys, I have the following question: >> >> Is it possible to restrict some virtual accounts from sending emails >> through my Postfix? >> > > What does "through" mean ? > If you mean FROM an address that is in your virtual_*_maps, then no, not > trivially. I mean clients connecting to my Postfix to send emails to external MTAs. Currently only authenticated users relay emails through my MTA. What I want to do is that only SOME of them can do so. > >> I have Postfix 2.3.3 running on a box with several virtual accounts. I >> > > That's very old. I'll see if I can upgrade >> >> want to prevent some of them from sending emails (I just want them to >> be able to receive). >> How could I do this? >> > > With a check_sender_access restriction in smtpd_recipient_restrictions. Ok. Should it be something like this in /etc/postfix/access someuser(a)domain.com REJECT And then: smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/access Is that right? >> >> I've been reading about smtpd_client_restrictions but I don't know if >> I can do a login-based restriction. >> > > What does login have to do with it ? >> >> BTW, I'm using Dovecot's SASL authentication. >> > > That's not directly related to what you asked. Ok, I just posted the info in case something might be done from Dovecot's side to handle users' permissions or something.
From: Jeroen Geilman on 23 Jul 2010 19:45 On 07/24/2010 01:42 AM, Andrés Gattinoni wrote: > On Fri, Jul 23, 2010 at 8:31 PM, Jeroen Geilman<jeroen(a)adaptr.nl> wrote: > >> On 07/24/2010 12:44 AM, Andrés Gattinoni wrote: >> >>> Hi guys, I have the following question: >>> >>> Is it possible to restrict some virtual accounts from sending emails >>> through my Postfix? >>> >>> >> What does "through" mean ? >> If you mean FROM an address that is in your virtual_*_maps, then no, not >> trivially. >> > I mean clients connecting to my Postfix to send emails to external MTAs. > Currently only authenticated users relay emails through my MTA. What I > want to do is that only SOME of them can do so. > > >> >>> I have Postfix 2.3.3 running on a box with several virtual accounts. I >>> >>> >> That's very old. >> > I'll see if I can upgrade > > >>> want to prevent some of them from sending emails (I just want them to >>> be able to receive). >>> How could I do this? >>> >>> >> With a check_sender_access restriction in smtpd_recipient_restrictions. >> > Ok. Should it be something like this in /etc/postfix/access > > someuser(a)domain.com REJECT > > And then: > > smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/access > > Is that right? > > Yes. >>> I've been reading about smtpd_client_restrictions but I don't know if >>> I can do a login-based restriction. >>> >>> >> What does login have to do with it ? >> >>> BTW, I'm using Dovecot's SASL authentication. >>> >>> >> That's not directly related to what you asked. >> > Ok, I just posted the info in case something might be done from > Dovecot's side to handle users' permissions or something. > Dovecot plays no part in mail transportation. It authenticates, nothing more. Please reply only to the list, not to me personally - unless you intended it for me personally, in which case, do NOT send it to the list. One or the other. J.
From: =?UTF-8?Q?Andr=C3=A9s_Gattinoni?= on 23 Jul 2010 19:48
On Fri, Jul 23, 2010 at 8:45 PM, Jeroen Geilman <jeroen(a)adaptr.nl> wrote: >>> With a check_sender_access restriction in smtpd_recipient_restrictions. >>> >> >> Ok. Should it be something like this in /etc/postfix/access >> >> someuser(a)domain.com REJECT >> >> And then: >> >> smtpd_recipient_restrictions = check_sender_access >> hash:/etc/postfix/access >> >> Is that right? >> >> > > Yes. Ok, thanks > Dovecot plays no part in mail transportation. > It authenticates, nothing more. I see, thanks. > Please reply only to the list, not to me personally - unless you intended it > for me personally, in which case, do NOT send it to the list. > One or the other. Sorry. |