John Pierce wrote: >>>On 03/05/12 8:50 PM, Bob Hoffman wrote: >/>>> I have 2 books on postfix here and spent many days online but I do not />>>>/ see the solution short of /dev/null or reject of all mail, local or />/>>> external, of root. / >shouldn't be hard to cook up a procmail recipe for that.
I was working on that. However, when the local mail is sent to a local recipient, postfix gets it first and appends the domain name on it..so it is going to 'r...@example.com' instead of root@localhost. So that failed for me. The source emails seem to have this (or something like it) when root sends a mail (Postfix, from userid 0) And that could be good...for root to root. I was thinking maybe a script that looks for 'from userid' but not a number. I get the inkling that local mail sending has that. However, for postfix to be that completely wide open as a mail server is about enough to send me back to sendmail which never had such issues. Seems odd that postfix itself has no mechanism to prevent mail to any user listed in the alias or passwd file. And no way to prevent root from being spammed to high heaven. /dev/null-ing root seems to kill security even more since you cannot get important information should a service freak out. Gonna try playing with procmail on this, but just about ready to uninstall postfix and go back to sendmail. Everyone kept hooting up postfix as easier than sendmail and good too...however this one issue makes it light years behind sendmail for me. Strange that postfix can very easily be made to only allow certain users to send mail out of the box but forcibly allows any user in the system to get mail sent to it... with no way to stop it. lovely. If I come up with a solution that works, will post _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
