On Sun, Apr 20, 2014 at 11:11:03PM -0400, Lulu Li wrote:
> I have an application that uses PHPMailer, which in turn uses
> /usr/sbin/sendmail installed by Postfix.
Make sure that the application does not allow users to send email
to arbitrary recipients of their choice. (No open PHP web-forms).
Implement all relevant policy in the PHP application.
> The basic problem is that I wish to limit number of recipients for outgoing
> mail using Postfix sendmail.
The right place for such controls is in the application invoking
sendmail(1), not in sendmail(1) itself.
> "You can't restrict recipient count
> for the mails submitted through sendmail command".
Correct.
> Can someone verify, and explain why it is (or not) possible to limit number
> of outgoing recipients on Postfix sendmail?
The only policy control in sendmail(1)/postdrop(1) is a list of
authorized users.
> More generally, what quotas or
> options can be configured with Postfix sendmail?
None, because the sendmail(1) interface (7 bit exit code) does not
give applications sufficiently fine-grained feedback or recovery
options.
The correct way to apply local submission policy is to accept all
locally submitted mail from any user authorized to send mail (all
by default) into a null-client local submission instance, and to
bounce any mail disallowed by policy at the next-hop between the
null client and the smarthost.
http://www.postfix.org/MULTI_INSTANCE_README.html
However, with PHP and the like, the policy control unquestionably
belongs in the PHP application.
--
Viktor.
