different user levels receiving and sending
in [Postfix]
|
Prev: Outbound Email Message Data is Being Re-written (Not Message Header)
Next: Postfix + stunnel SMTPS = address rewriting issue
From: "Davy Leon" on 28 May 2010 13:01 Hi folks. I'm using postfix-2.3.3 in a linux box with about 90 mail accounts. Everything is ok. But, now, I need to establish 2 user levels and the following requirements on levels: 1. All users in Level 1 can receive emails from only one top level external email domain (for example *.org). 2. All users in Level 1 can send emails to only one top level external email domain (for example *.org). 3. All users in Level 2 can send email to any email domain and receive mail from any email domain. 4. All users, of course, can send and receive local emails After many, many, many headaches, the until-now result is that I can't fulfill number 1 requirement, no matter what I do. Requirements 2, 3 and 4, finally, has been accomplished. Any ideas for requirement number 1? Thank you all, in advance. David
From: Brian Evans - Postfix List on 28 May 2010 12:27
On 5/28/2010 1:01 PM, Davy Leon wrote: > Hi folks. > > I'm using postfix-2.3.3 in a linux box with about 90 mail accounts. > Everything is ok. > > But, now, I need to establish 2 user levels and the following > requirements on levels: > > 1. All users in Level 1 can receive emails from only one top level > external email domain > > (for example *.org). > > 2. All users in Level 1 can send emails to only one top level external > email domain > > (for example *.org). > > 3. All users in Level 2 can send email to any email domain and receive > mail from > > any email domain. > > 4. All users, of course, can send and receive local emails > > After many, many, many headaches, the until-now result is that I can�t > fulfill number 1 > > requirement, no matter what I do. Requirements 2, 3 and 4, finally, > has been accomplished. > > Any ideas for requirement number 1? > Here is an example: smtpd_restriction_classes = level1_recipients level1_recipients = check_sender_access pcre:/path/to/pcre_file In smtpd_recipient_restrictions: check_recipient_access hash:/path/to/file In /path/to/file: # This is an example of a map of all level 1 recipients. You may use *sql or any valid map type. user1(a)class1.example.com level1_recipients user2(a)class1.example.com level1_recipients .... In /path/to/prce_file: # Replace DUNNO with OK if you do not want remaining checks in smtpd_recipient_restrictions to fire # You may also customize the reject message if you wish /.*\.org$/ DUNNO /.*/ REJECT This recipient does not accept email from you Notes: this fires on the envelope sender and receiver and not the To: header. There are simple ways to bypass these checks because the envelope sender is easily forged. If prce is not installed (use 'postconf -m' to check), you may use regexp instead as a map type. Brian |