Steve wrote, at 06/17/2009 05:38 AM:
> Hi List,
>
> I'm currently controlling 'spoofing' (from isendm...@tomyself.null to
> isendm...@tomyself.null) using a map;
>
> smtpd_sender_restrictions =
> ..
> check_sender_access hash:/etc/postfix/maps/spoofprotection
>
> This is fantastic but has one slight side effect. If I have a couple of
> virtual domains such as;
>
> domain1.null
> domain2.null
>
> and b...@domain1.null tries to send mail to b...@domain2.null it is
> (rightfully) blocked.
>
> My poor geriatric brain is not good at logical problems :-( I'm sure the
> answer is staring my in the face but, is there a 'workaround' for this?
If possible, list it in this order:
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
check_sender_access hash:/etc/postfix/maps/spoofprotection
This will allow authenticated users and machines from mynetworks to
bypass the restriction. As long as your check_sender_access map is not
being used for whitelisting, this should pose no problem.
