On Thu, Jun 20, 2013 at 12:23:19PM -0400, linuxknight wrote: > Greetings, I am attempting to limit specific local users from > sending mail to ALL addresses except members of my management team. > > Basically I want our sales agents to be able to receive important > emails/bulletins from management, but only be able to reply to and > send email to the members of management.
IMO, this sounds like you're trying to solve a political problem using technical means. > Initially I figured I would just block their ability to send > altogether with /etc/postfix/access What is /etc/postfix/access? It has no magical, universal meaning across all of Postfixland. There are many different types of access(5) lookups which can be done. If you don't understand this, your chances of solving this problem are poor. This might be a starting point: http://www.postfix.org/SMTPD_ACCESS_README.html > but then decided it would be nice to give them the > ability to email management if necessary. If there are no other > solutions, I will probably just defer to the latter. > > I have postfix setup so they cant send to or receive email from > the outside world, I just want to limit WHO they can send email > TO within the company. Unfortunately many of my staff would abuse > the privilege if I allowed them to email anyone internally. You probably already have these untrustworthy staff (!) on an isolated and restricted subnet, right? (If not, there may be other political problems you need to address.) It would be simple to present clients from that subnet (via a check_client_access lookup) with a check_recipient_access lookup. Another idea using sender addresses is here: http://www.postfix.org/RESTRICTION_CLASS_README.html#external But in that case you will also need to force authentication and maintain smtpd_sender_login_maps. This might be more work than you will wish to commit to for an untrustworthy staff, which probably also means high turnover rates. RESTRICTION_CLASS_README.html has the basics you need in either case. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
