Sam Przyswa wrote:
mouss a écrit :
Sam Przyswa wrote:
Hi,
How to restrict users to received outside mail (from internet) but
only from the local domain/network ?
If your goal is to restrict few addresses so that:
- they can only send mail to your own domains (domains in
mydestination, virtual_*_domains and relay_domains).
- the addresses can only be used from mynetworks (outsiders may not
use the address as sender or recipient)
then you can do it like this:
smtpd_restriction_classes =
...
internal_only
...
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/restricted_addr
check_recipient_access hash:/etc/postfix/restricted_addr
internal_only =
# they can't relay
reject_unauth_destination
# they can only be used from mynetworks
permit_mynetworks
reject
== restricted_addr
[EMAIL PROTECTED] internal_only
local.example.org internal_only
if this is not what you want, explain your goal more clearly. it may
be easier to give examples of what is allowed and what is not. if you
can formulate the goal in a "mathematical logic" style (if blah and
blah, then allow. if blah and blah then reject. ...), do that too.
So, I have some user:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]
in class restricted_users
and I want these user, ONLY these users, able to send and receive mail
to others users on local network and only on @my.domain.com
1 - all user in local network and in domain @my.domain.com can
*send/receive* mail from everywhere.
2 - *restricted_users* DON'T send/receive mails from network except
$mynetworks AND NO *others domains* BUT @my.domain.com
The goal is to restrict *restricted_users* in *local mail only* in
company domain on the LAN area for security reasons.
if my understanding is correct, the conf I posted before (the one with
internal_only) matches your needs.
you can put it on a test postfix (or a test smtpd using a specific port)
and see if it's ok for you.
