On 2/21/2012 9:21 AM, Harakiri wrote:
> I currently have a whitelist which checks inbound recipients against an LDAP 
> server using a combination of 
> 
> relay_recipient_maps = ldap_config...
> smtpd_recipient_restrictions = permit_mynetworks ...reject_unlisted_recipient
> 
> Now I want to have a similar solution for outbound, only envelope from 
> addresses which are checked against a server - I did
> 
> smtpd_sender_restrictions =ldap2_config..., reject
> 
> The problem with this is that this check is also executed for inbound 
> mails. Basically, similar to the recipient check, I would have to allow all 
> senders that are NOT from mynetworks - I somehow have to negate this - but I 
> have no idea how to proceed.
> 
> I don't want to set up a policy server for such a mundane task.
> 
> Thanks!

Here's the docs:
http://www.postfix.org/RESTRICTION_CLASS_README.html

something like:

# /etc/postfix/mynetworks.cidr
# for 127.0.0.0/8 use OK, or check_local_sender, depending on what you want
127.0.0.0/8  OK
192.168.0.0/16 check_local_sender

# main.cf
mynetworks = cidr:/etc/postfix/mynetworks.cidr

smtpd_restriction_classes = check_local_sender

check_local_sender = check_sender_access ldap:whatever, reject

smtpd_sender_restrictions =
  check_client_access cidr:/etc/postfix/mynetworks.cidr

(no changes to smtpd_recipient_restrictions needed)


The ldap:whatever lookup is expected to reply "OK" for allowed
sender addresses, no response (not found) to other addresses.

  -- Noel Jones
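
The decision flow of the configuration above, as an added example that is not part of the original message and is not Postfix code: a small Python model of how smtpd_sender_restrictions behaves for inside and outside clients. The LDAP contents, addresses and function names are constructed for illustration, and the model matches the full sender address only.

```python
import ipaddress

# Constructed stand-ins for the tables in the reply (not real data).
CLIENT_ACCESS = [  # models cidr:/etc/postfix/mynetworks.cidr, first match wins
    ("127.0.0.0/8", "OK"),
    ("192.168.0.0/16", "check_local_sender"),
]
LDAP_SENDERS = {"alice@example.com": "OK"}  # models ldap:whatever (hypothetical)

# smtpd_restriction_classes: class name -> ordered restriction list
CLASSES = {
    "check_local_sender": [("check_sender_access", LDAP_SENDERS), ("reject", None)],
}


def cidr_lookup(table, client_ip):
    """Return the action of the first matching network, or None (not found)."""
    addr = ipaddress.ip_address(client_ip)
    for net, action in table:
        if addr in ipaddress.ip_network(net):
            return action
    return None


def run_class(name, sender):
    """Evaluate a restriction class in order; the first decisive result wins."""
    for kind, table in CLASSES[name]:
        if kind == "reject":
            return "REJECT"
        result = table.get(sender)  # "not found" falls through to the next item
        if result is not None:
            return result
    return "DUNNO"


def sender_restrictions(client_ip, sender):
    """Model of: smtpd_sender_restrictions = check_client_access cidr:..."""
    action = cidr_lookup(CLIENT_ACCESS, client_ip)
    if action is None:
        return "DUNNO"  # client outside mynetworks: the sender check never runs
    if action in CLASSES:
        return run_class(action, sender)
    return action  # literal access action such as OK


if __name__ == "__main__":
    for ip, frm in [("192.168.1.10", "alice@example.com"),
                    ("192.168.1.10", "mallory@example.com"),
                    ("203.0.113.7", "anyone@example.net"),
                    ("127.0.0.1", "cron@localhost")]:
        print(f"{ip:15} {frm:22} -> {sender_restrictions(ip, frm)}")
```

DUNNO for the outside client means this restriction list made no decision, so inbound mail continues to the recipient restrictions unchanged.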
