On Jan 5, 2010, at 10:56 AM, Noel Jones wrote: > On 1/5/2010 8:02 AM, Eric Williams wrote: >> I've modified smtpd_recipient_restrictions to block incoming email with a >> whitelist (/etc/postfix/access) as follows: >> >> smtpd_recipient_restrictions = >> permit_sasl_authenticated >> permit_mynetworks >> reject_unauth_destination >> check_sender_access hash:/etc/postfix/access >> reject >> >> This works great so that entries in /etc/postfix/access like: >> >> gmail.com OK >> harvard.edu OK >> >> allow incoming email from those domains, all others are rejected. >> >> I would like to apply the same access list so that users sending mail >> through this server can only reach those same domains. >> >> I've tried lots of recipient checking configs but nothing works so far. I'd >> rather not do this with the firewall, keeping the whitelist monitored by >> postfix only. >> >> Any suggestions? Thanks. > > add to main.cf: > smtpd_sender_restrictions = > check_recipient_access hash:/etc/postfix/access > permit_auth_destination > reject > > Leave your smtpd_recipient_restrictions as they are shown above. This > assumes the same domains are allowed for both incoming and outgoing, and also > allows local users to send local mail. If you need to block local<->local, > it gets trickier. > > -- Noel Jones
That did the trick! Thanks to all! EW
