On Wed, Nov 06, 2024 at 10:39:41AM +0100, Florian Piekert via Postfix-users
wrote:
I found the solution by using in main.cf the
smtpd_relay_restrictions = permit_mynetworks,
check_sender_access
btree:$meta_directory/restricted_senders,
permit_sasl_authenticated,
reject_unauth_destination
directive. Works now.
On 06.11.24 21:14, Viktor Dukhovni via Postfix-users wrote:
This is too fragile, you're liable to create an open relay, if any of
the sender checks return "OK" based on the sender address alone.
I'd instead recommend putting these in
smtpd_sender_restrictions
which don't imply relay permissions, and rather implement the particular
from/to access rules intended.
This reminds me of a question, can check_recipient_access be specified in
smtpd_sender_restrictions?
I assume works but only when smtpd_delay_reject is enabled (default)
otherwise the recipient is not known at time smtpd_sender_restrictions are
processed.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Honk if you love peace and quiet.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
