Dear Techies,
I am trying to implement an access control on an alias email account called
us...@domain.com. I need to allow only few users to send mail to this alias.
I tried many of the combination and didnt got a +ve result yet. I tried
googling a lot, and found the usage of declaring restriction classes, usage
of smtpd_recipient_restrictions etc...
After messing up a lot, i had implemented a test mail server and its current
configuration is as the following;
OS: CentOS 5.2
Postfix: 2.3.3-2
main.cf;
xinode-senders-list = check_sender_access hash:/etc/postfix/xinode-senders,
reject
users-senders-list = reject, check_sender_access
hash:/etc/postfix/users-senders
smtpd_restriction_classes = xinode-senders-list, users-senders-list
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/protected-recipients, reject_unauth_destination
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
mydomain = domain.com
myorigin = $mydomain
inet_interfaces = all
mydestination = $myhostname, $mydomain, localhost
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
cat xinode-senders
# These are for various technical reasons.
double-bou...@domain.com OK
r...@domain.com OK
mailer-dae...@domain.com OK
# These are the good guys.
us...@domain.com OK
us...@domain.com OK
us...@domain.com OK
cat protected-recipients
mangous...@domain.com mangousers-senders-list
us...@domain.com users-senders-list
xin...@domain.com xinode-senders-list
NOTE 1: currently, i dint declared mangousers-senders-list in main.cf
NOTE 2: i tried by changing the order to put access controls, thats why
finally now its on the top of the main.cf file
I ran postmap to build the db files, restarted the postfix, watched the
logs.... and always i see all the mails are delivered smoothly. I was not
able to block even a single mail.
Is there any othe setting which is to be turned on to make this access
control work?
When i intentionally made a mistake in the smtpd_recipient_restrictions
command, and restarted postfix, i didnt see any error reported in the
maillog. I wonder why it is like that. Is there any mechanism (like testparm
for samba or self check of apache when it starts) to check our main.cf is
configured correctly.
Awaiting for your supportive hands...
Thanking all you in advance...
--
---
E-Regards,
Rahmathulla K M
"In a world without walls and fences, who needs windows and gates?"
