postfix rocks!! :-)
working perfectly...
thanks mouss
regards,
Israel.
On Sun, Apr 18, 2010 at 12:42 AM, mouss <mo...@ml.netoyen.net> wrote:
> Israel Garcia a écrit :
>> Hi
>> I have some apps on a debian server which use to send mail using
>> localhost on the same server and I want allow only email sent to this
>> address u...@domain and reject all other. This is my main.cf
>>
>> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
>> biff = no
>> append_dot_mydomain = no
>> readme_directory = no
>>
>> # TLS parameters
>> smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
>> smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
>> smtpd_use_tls=yes
>> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>>
>> myhostname = myserver.mydomain
>> alias_maps = hash:/etc/aliases
>> alias_database = hash:/etc/aliases
>> myorigin = /etc/mailname
>> mydestination = myserver.mydomain, localhost.speedyrails.ca, , localhost
>> smtpd_recipient_restrictions =
>> check_recipient_access hash:/etc/postfix/recipients,
>> check_relay_domains,
>> reject
>>
>> relayhost = [lbsmtp]
>> smtp_host_lookup = dns,native
>> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
>> mailbox_size_limit = 0
>> recipient_delimiter = +
>> inet_interfaces = localhost
>> mailbox_command =
>> default_transport = smtp
>> relay_transport = smtp
>> smtp_host_lookup=dns,native
>> inet_protocols = ipv4
>>
>> /etc/postfix/recipient file:
>>
>> u...@domain OK
>> \...@\* REJECT
>
> the last line is useless.
>
>>
>> So, if I test sending mail using mail command or mutt rules does not
>> work, but, if I use telnet or nc to connect to localhost on 25/tcp
>> port rule works. Simple question, WHY?
>
> because smtpd_* parameters apply to mail received via SMTP.
>
>>
>> How can I restrict my server to send mail TO u...@domain?
>>
>
> There are many ways...
>
> [transports]
> instead of using smtpd restrictions, you can use transport_maps:
>
> u...@domain smtp:
> * error:recipient address not allowed
>
> (note that '*' only works for transport_maps. don't use it in access maps).
>
> [smtpd restrictions via a content filter]
> you can force mail submitted via the sendmail (pickup) interface to go
> through smtpd by adding
> -o content_filter=smtp:[127.0.0.1]:25
>
> under the "pickup" service in master.cf. However:
>
> - if you do so, you must not use the sendmail command after content
> filtering. otherwise, you'll get an infinite loop.
>
> - mail that will be rejected will cause a bounce. you need to handle
> this. Instead of "reject", you could use HOLD to put mail on hold (and
> remove it manually using the postsuper command), or you can
>
>> NOTES:
>> This server only accept mails from localhost
>> This server send mails to a load balancer [lbsmtp]
>>
>> thanks in advance
>>
>
>
--
Regards;
Israel Garcia
