On 2025-01-25 14:46, Tomasz Pala via Postfix-users wrote:
> As the internal and external are separate accounts (if I understand
> correctly) this still seems to be the job for submission stage.

Since you care about header addresses and want to prevent users from accidentally
using them for the Internet, something like this could be attached to a MIMEDefang
milter configured for submission_internal (the original submission not accepting
the internal domain sender at all).

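sub filter_begin {

  # Apply the policy only to authenticated (submission) sessions.
  if ( $SendmailMacros{'auth_authen'} || $SendmailMacros{'auth_author'} || $SendmailMacros{'auth_type'} ) {
# or: if ($Sender =~ /\@internal\b/i)
# or: my($entity) = @_;
#     if ($entity->head->get('From') =~ /\@internal\b/i)

    foreach my $recip (@Recipients) {
      # Anchor at the end of the address (envelope addresses may carry a
      # closing ">"), so that e.g. internal.example.org is not accepted.
      unless ($recip =~ /\@(?:internal|external|allowed)>?\z/i) {
        action_bounce("Cannot send to $recip using $Sender account");
        return;
      }
    }
  }
}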

This returns an error during submission, so the user is immediately notified (and
clients like Thunderbird don't even close the Write window) and might act.

I haven't tried _this_ code, it's handwritten as an example of "complicated"
business logic/policy handling.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
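
The recipient check sketched in the message above, as a stand-alone Perl script (an added example, not part of the original post and not MIMEDefang's own code). It assumes the placeholder domains internal, external and allowed from the post and uses constructed sample recipients; the helper names are hypothetical. It goes one step beyond the post by comparing a \b-terminated pattern with an exact domain comparison, since \b is also satisfied by a following "." or "-".

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Placeholder domains taken from the post; replace with the real ones.
my %allowed = map { $_ => 1 } qw(internal external allowed);

# Lower-cased domain of an envelope address, which a milter may hand
# over with or without the surrounding angle brackets.
sub rcpt_domain {
    my ($addr) = @_;
    $addr =~ s/^\s*<?//;
    $addr =~ s/>?\s*$//;
    my $at = rindex($addr, '@');
    return if $at < 0;                 # no domain part at all
    return lc substr($addr, $at + 1);
}

# Exact comparison of the whole domain against the allow-list.
sub allowed_exact {
    my $domain = rcpt_domain($_[0]);
    return 0 unless defined $domain;
    return exists $allowed{$domain} ? 1 : 0;
}

# Word-boundary pattern: matches a prefix of the domain as well.
sub allowed_wordboundary {
    my ($addr) = @_;
    return $addr =~ /\@(?:internal|external|allowed)\b/i ? 1 : 0;
}

# Constructed sample recipients (not real addresses).
my @samples = (
    '<alice@internal>',
    'Bob@EXTERNAL',
    '<carol@internal.example.org>',
    '<dave@allowed-partner.example>',
    '<erin@example.net>',
    '<postmaster>',
);

printf "%-34s %-8s %s\n", 'recipient', '\b', 'exact';
for my $rcpt (@samples) {
    printf "%-34s %-8s %s\n", $rcpt,
        (allowed_wordboundary($rcpt) ? 'accept' : 'reject'),
        (allowed_exact($rcpt)        ? 'accept' : 'reject');
}
```

The two columns differ for the carol and dave addresses, which only share a prefix with an allowed domain.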
