On Tue, 2008-09-09 at 13:25 -0400, Wietse Venema wrote: > Andrea Gozzi: > > On Tue, 2008-09-09 at 13:03 -0400, Wietse Venema wrote: > > > > > > > > > > > > It works, thanks. > > > > I have one further question: how do I restrict access to postfix for any > > > > user with @myfreemail.com account only from localhost (where the webmail > > > > is running)? > > > > > > The answer depends on how your webmail injects mail into Postfix. > > > > > > Wietse > > > > Via smtpd. > > /etc/postfix/main.cf: > smtpd_sender_restrictions = > check_client_access hash:/etc/postfix/client_access > check_sender_access hash:/etc/postfix/sender_access > > /etc/postfix/client_access: > 127.0.0.1 OK > > /etc/postfix/sender_access: > myfreemail.com REJECT restricted to localhost only > > But your requested policy makes no sense. > > Wietse
The REDIRECT check can easily be bypassed by changing the MAIL FROM: , so I configured the webmail to allow mail originating from the real address only. Unfortunately, someone might still try to connect directly to postfix and fake the envelope.. Is there any way to enforce the localhost origin restriction after the users have authenticated? Andrea
