Many thanks Noel, it worked fine... and sorry for the last (stupid) question..
jannis --- Noel Jones <njo...@megan.vbhcs.org> schrieb am Di, 19.4.2011: > Von: Noel Jones <njo...@megan.vbhcs.org> > Betreff: Re: Filtering incoming mails with sender-domain = recipient-domain? > An: postfix-users@postfix.org > Datum: Dienstag, 19. April, 2011 11:20 Uhr > On 4/19/2011 5:01 AM, Jannis > Kafkoulas wrote: > > Hi, > > > > What I'm wondering here is, if that doesn't also block > emails from inside to the internet, since they also have as > sender @mydomain. > > (we have two stages of postfix in-line or ranged(?)). > > > > Thanks > > It will not block the mail if the sending client is listed > in > $mynetworks, or if the client authenticates with SASL. > > > > -- Noel Jones > > > > > --- Noel Jones<njo...@megan.vbhcs.org> > schrieb am Fr, 15.4.2011: > > > >> Von: Noel Jones<njo...@megan.vbhcs.org> > >> Betreff: Re: Filtering incoming mails with > sender-domain = recipient-domain? > >> An: postfix-users@postfix.org > >> Datum: Freitag, 15. April, 2011 05:38 Uhr > >> On 4/15/2011 4:14 AM, Jannis > >> Kafkoulas wrote: > >>> Hi, > >>> > >>> Sometimes we receive mails with sender-domain > our > >> company, > >>> i.e. from: any...@mycompany.com > >> to: some...@mycompany.com > >> which we'd like to block (the entire domain). > >>> Can it be done e.g. by header checks? > >>> Or is it possible at all? > >> > >> You can block mail from the outside that has your > domain as > >> the envelope sender. This will have a fairly > low (but > >> non-zero) false positive rate. > >> > >> You should not block mail from the outside that > has your > >> domain in the From: header. This will have a > high > >> false positive rate. > >> > >> To block your domain in the envelope, use > something like: > >> > >> # main.cf > >> smtpd_recipient_restrictions = > >> permit_mynetworks > >> #uncomment next line if using SASL > >> # permit_sasl_authenticated > >> reject_unauth_destination > >> check_sender_access > hash:/etc/postfix/sender_access > >> ... other local rules ... > >> > >> > >> # sender_access > >> mydomain REJECT mydomain not > allowed in > >> unauthenticated mail > >> > >> > >> > >> > >> -- Noel Jones > >> > >
