Roman Medina-Heigl Hernandez a écrit : >> Why is the mail not being rejected due to >> reject_unauthenticated_sender_login_mismatch? I must have a silly bug but I >> couldn't find it... :-( > > I got to solve it by: > smtpd_sender_login_maps = $virtual_mailbox_maps >
do not reuse maps this way. use a script to generate each map instead (or use note that smtpd_sender_login_maps returns one or more logins, while virtual_mailbox_maps returns the path to the mailbox. > But it seems tricky, since you have to explicitly define a login map... I > think (please, correct me if I'm wrong) the point is: "if you don't define > $smtpd_sender_login_maps, Postfix doesn't know where a "login mismatch" > could exist. Yes, it's true but: > - wouldn't it be clever to assume SASL login should be equal to the sender, > if not explicitly defined otherwise? (so no login map is necessary, except > when login users are different from sender). > - SASL works ok without defining $smtpd_sender_login_maps so you can > perfectly differentiate "authenticated_sender" vs "unauthenticated_sender", > without having any map? Why is it necessary to define > $smtpd_sender_login_maps? It's confussing... > > Finally, if you have to define $smtpd_sender_login_maps, it would be > equivalent to use my former propposed method, with check_sender_access (see > my first post on this thread and the second one by Noel), in the sense that > you have to create an extra db file, and even worse than my first solution, > since first one seems more restrictive (it could reject > [EMAIL PROTECTED] -> [EMAIL PROTECTED], while second one only can > reject [EMAIL PROTECTED] -> [EMAIL PROTECTED], because only valid users are > included in $virtual_mailbox_maps). > > I'd like hearing from you... > > Cheers, > -Román >
