You could try using restriction classes, as documented:
http://www.postfix.org/RESTRICTION_CLASS_README.html
For example:
smtpd_restriction_classes = restr_class1
restr_class1= check_sender_access
hash:/etc/postfix/somesenders,permit_mynetworks,reject
smtpd_recipient_restrictions =
hash:/etc/postfix/access-recipient.cf,permit_mynetworks,reject
# access-recipient.cf:
every...@example.com restr_class1
# somesenders:
f...@example.com REJECT
lil...@example.com REJECT
Note however that this will not provide sufficient protection, since,
the user can always change his sender address and override the mechanism.
But you could lock them out using ip address (still prone to ip
spoofing) or, even better, require SASL authentication and filter people
based on their (SASL) login name (using reject_sender_login_mismatch).
Nick
On 10/2/2011 1:17 μμ, Petr Svacina wrote:
Hi,
I need to have this specific scenario:
I need to set up for example.com aliases for all (every...@example.com), so it
is made.
Next I need to restrict every...@example.com to local delivery only, so I made
this:
/etc/postfix/main.cf:
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/access-recipient.cf
/etc/postfix/access-recipient.cf:
every...@example.com permit_mynetworks,reject
So And now I need SOMEHOW to set up, that some users (f...@exmaple.com,
li...@example.com) can not send ANYTHING to the every...@example.com, can
postfix handle this ?
Or I need to use any script ... ?
Thanks Peter
