On Tue, Apr 20, 2010 at 05:34:26PM -0500, Noel Jones wrote:
> Something like:
>
> # main.cf
> smtpd_sender_restrictions =
> check_sender_access hash:/etc/postfix/sender_only
> reject_unauth_destination
>
> # sender_only
> example.com OK
>
> Warning: use this in smtpd_sender_restrictions as shown above. DO NOT use
> this in smtpd_recipient_restrictions as it would make you an open relay.
This also blocks bounces, which should not be blocked. One must also
white-list the empty sender:
http://www.postfix.org/postconf.5.html#smtpd_null_access_lookup_key
access:
<> OK
example.com OK
.example.com OK
The ".example.com" form may be need depending on the value of "p_d_m_s"
http://www.postfix.org/postconf.5.html#parent_domain_matches_subdomains
--
Viktor.
P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
