Hi all,
We've had a working configuration for a few years where we allow
authenticated users to relay mail even if the sender address does not
match a local user and the recipient is non-local.
Now this is about to change.
So, if the sender is *authenticated*:
- from local-user@local-domain to nonlocal@: allowed
- from nonlocal@ to local-user@local-domain: allowed obviously
- from nonlocal@ to nonlocal@: disallowed
Currently we have
smtpd_sender_restrictions =
    hash:/usr/local/etc/postfix/access,
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unknown_sender_domain,
    reject_unauth_destination
All local users are in a ldap table.
Can we use, for example, "check_sender_access"
and, if the user is authenticated *and* the user's email or alias matches
MAIL FROM in the ldap lookup, give it an OK?
reject_sender_login_mismatch, I guess, is a possible candidate, but then
the problem is MUAs where the user has several incoming accounts but
just one outgoing server configured, and there are quite a few such.
I'm still wading through the Postfix docs trying to get a grip on it but
if someone already did it I would be very grateful for a piece of
information... have to admit it feels a bit tricky.
Thank you!
//per
--
BSDLabs AB
Registered in Solna, Sweden
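
The three cases listed in the post, written out as a Postfix policy-delegation handler (added example, not part of the original message and not the poster's configuration). It assumes the handler is called through check_policy_service at RCPT time, and LOCAL_USERS is a constructed stand-in for the LDAP table of local addresses and aliases.

```python
import sys

# Constructed sample data standing in for the LDAP table of local users.
LOCAL_USERS = {"alice@example.org", "sales@example.org"}


def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs


def decide(attrs):
    """Return the access(5) action for one RCPT TO in a session."""
    if not attrs.get("sasl_username"):
        # Not authenticated: no opinion, the other restrictions decide.
        return "DUNNO"
    sender_local = attrs.get("sender", "").lower() in LOCAL_USERS
    rcpt_local = attrs.get("recipient", "").lower() in LOCAL_USERS
    if sender_local or rcpt_local:
        # local -> nonlocal and nonlocal -> local: no objection, so a
        # later permit_sasl_authenticated can accept the mail.
        return "DUNNO"
    # nonlocal -> nonlocal from an authenticated client: refuse to relay.
    return "REJECT nonlocal sender may not relay to nonlocal recipient"


def main():
    """Answer requests on stdin/stdout, one reply per request."""
    buf = []
    for line in sys.stdin:
        if line.strip():
            buf.append(line.rstrip("\n"))
            continue
        if buf:
            action = decide(parse_request("\n".join(buf)))
            sys.stdout.write("action=%s\n\n" % action)
            sys.stdout.flush()
            buf = []


if __name__ == "__main__":
    main()
```

Because the sender is compared with the whole table rather than with the login name, a client that authenticates once and sends from several of its local addresses is not rejected.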