On Tue, 28 Jun 2011 01:59:43 +0200 mouss articulated: > Le 28/06/2011 00:25, Jerry a écrit : > > On Mon, 27 Jun 2011 18:06:19 -0400 (EDT) > > Wietse Venema articulated: > > > >> Jerry: > >>> I saw a configuration for blocking web mail from Apache from > >>> accessing Postfix. I think it was something like: !www or > >>> something like that. I forgot to write it down and now I cannot > >>> locate it. Does anyone know what the recipe is. Thanks! > >> > >> This was discussed here three postings before your question. > > > > OK, I found it: > > > > authorized_submit_users = !apache,static:all > > > > Since I am running Apache on FreeBSD with user/group ownership of > > "www" I assume I would use this instead: > > > > authorized_submit_users = !www, static:all > > > > Would that be correct? > > > > that would. but it doesn't prevent users from using the smtp > interface. users can even send outbout smtp without using your > relay... oh, unless you use different servers for different roles...
My goal is to insure that if my Apache server were somehow compromised, and I have no reason to believe it is or has been, that it could not then use Postfix to send mail. Perhaps I am just being paranoid.
