On Tue, Sep 16, 2008 at 09:56:57PM +0200, Henrik Friedrichsen wrote:
> > It is anti-spoofing control, and what you are looking for is two features
> > that Postfix local submission lacks:
Did you see the word "lacks"?
> >
> > 1. Only allow *trusted* users to specify the message envelope sender
> > addresses. All other users of sendmail(1) (really postdrop(1))
> > get [EMAIL PROTECTED] as the envelope sender address (subject to
> > further rewriting).
> >
> > 2. Only allow *trusted* users to specify the (Resent-)From: header
> > and for untrusted users, synthesize the (Resent-)From: header
> > from <[EMAIL PROTECTED]> and Gecos data.
>
> How do I set that rule?
Write new code that implements the above features, and set the
corresponding new configuration variables. :-(
> > These features are not in Postfix. Also not in Postix is control of
> > the "From:" header for SASL authenticated SMTP users. Only the envelope
> > sender is optionally restricted with smtpd_sender_login_maps.
>
> The users are not SASL authenticated..
Yes, of course, local submission is authenticated by "login" and the
kernel remembering the user's uid, and the password file providing
inverse mappings.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[EMAIL PROTECTED]>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
