Alexander Hoogerhuis wrote:
Patrick wrote:
/etc/postfix/main.cf:
smtpd_recipient_restrictions =
permit_mynetworks
reject_authenticated_sender_login_mismatch
permit_sasl_authenticated
reject_unauth_destination
(etc)
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_sender_login_maps.cf
/etc/postfix/mysql_sender_login_maps.cf:
user = <mysqluser>
password = <mysqlpass>
hosts = 127.0.0.1
dbname = postfix
table = mailbox
select_field = username
where_field = username
which just pulls the username from the database & checks it against the
username. Kinda redundant right? But it does the job ok!
For anyone looking through the mailing list archives, this is a solution
that will work with postfixadmin...
Sorry for digging up an old thread, but unless I'm mistaken this will
deal with the case where the user sends email outbound with the MAIL
FROM equal to the SASL login username, but if someone sets their MAIL
FROM to be one of the values from the list of the mailbox'es aliases it
will not validate against the alias table?
Right, the query above only works if the user sends mail from their
login address. If you involve aliases, you need to do the transitive
closure using either a much more advanced query or a policy service.
