On 5/28/2010 1:01 PM, Davy Leon wrote:
Hi folks.
I'm using postfix-2.3.3 in a linux box with about 90 mail accounts.
Everything is ok.
But, now, I need to establish 2 user levels and the following
requirements on levels:
1. All users in Level 1 can receive emails from only one top level
external email domain
(for example *.org).
2. All users in Level 1 can send emails to only one top level external
email domain
(for example *.org).
3. All users in Level 2 can send email to any email domain and receive
mail from
any email domain.
4. All users, of course, can send and receive local emails
After many, many, many headaches, the until-now result is that I can’t
fulfill number 1
requirement, no matter what I do. Requirements 2, 3 and 4, finally,
has been accomplished.
Any ideas for requirement number 1?
Here is an example:
smtpd_restriction_classes = level1_recipients
level1_recipients = check_sender_access pcre:/path/to/pcre_file
In smtpd_recipient_restrictions:
check_recipient_access hash:/path/to/file
In /path/to/file:
# This is an example of a map of all level 1 recipients. You may use
*sql or any valid map type.
us...@class1.example.com level1_recipients
us...@class1.example.com level1_recipients
...
In /path/to/prce_file:
# Replace DUNNO with OK if you do not want remaining checks in
smtpd_recipient_restrictions to fire
# You may also customize the reject message if you wish
/.*\.org$/ DUNNO
/.*/ REJECT This recipient does not accept email from you
Notes: this fires on the envelope sender and receiver and not the To:
header.
There are simple ways to bypass these checks because the envelope sender
is easily forged.
If prce is not installed (use 'postconf -m' to check), you may use
regexp instead as a map type.
Brian
