stay on list!
"reject_authenticated_sender_login_mismatch" is simple and straight
you list the envelope senders allowed or a SASL username
it don't and does not need to know anything about domains
Am 21.12.2014 um 01:55 schrieb Henry Nicolas:
Am 20.12.2014 um 20:44 schrieb nh:
I have a postfix/dovecot server, and I want to have one account per
domain,
ie. :
*@Domain1.tld <-> User1 (+ sender only users (only
"autop...@domain1.tld" in
example), like php mail function)
*@Domain2.tld <-> User2
*@Domain3.tld <-> User3
*@Domain4.tld <-> User4
I already succeed to make many domain to one user (except for other
Linux
account (root, ...), who catch their mail, but I don't want that).
I also see if the logged user want to send on one of other domain, he
can.
After some hours of tries, I ask for some help in my search.
How-to make one user receive all mail from one domain and can only send
mails from his domain (can send from all mails for his domain, and
rejected
from others owner domain)
http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch
http://www.postfix.org/postconf.5.html#reject_authenticated_sender_login_mismatch
So I make some test before go to sleep, and it's not work fully as I want :
- When I try to send a mail for a other domain, I'm reject, it's OK.
- I try with an other account, and, all incoming mails go in the first
mailbox (us...@domain1.tld), but I can send mails from each of 2
available domains (the 2 others are in production, so I just declare
them, but not change DNS entries at this moment).
- When I try with "virtual_alias_domains" (and emptied
"mydestination"), it's reject all incoming mails.
The line with error when incoming mails are reject :
Dec 21 01:16:36 mailserver postfix/error[5138]: A5BF24081E:
to=<us...@domain1.tld>, orig_to=<test...@domain1.tld>, relay=none,
delay=0.47, delays=0.18/0.1/0/0.19, dsn=5.0.0, status=bounced (User
unknown in virtual alias table)
Dec 21 01:16:36 mailserver postfix/error[5139]: 96B8540815:
to=<us...@domain1.tld>, orig_to=<test...@domain2.tld>, relay=none,
delay=0.69, delays=0.25/0.17/0/0.27, dsn=5.0.0, status=bounced (User
unknown in virtual alias table)
All accounts are Unix account.
user1 and user2 exists in /home directory and the directory "Maildir"
exists too for both.
Configuration :
/etc/postfix/main.cf :
----
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = no
# TLS parameters
...snip...
myhostname = domain1.tld
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
#set if virtual_alias_domains is set
#mydestination =
#else this is the declaration used
mydestination = domain1.tld domain2.tld domain3.tld domain4.tld
relayhost =
mynetworks = 127.0.0.0/8
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
myorigin = /etc/mailname
inet_protocols = ipv4
home_mailbox = Maildir/
mailbox_command =
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = ...snip...
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_sender_restrictions=reject_sender_login_mismatch
smtpd_sender_login_maps=hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual
#When I try that, it's reject all address
#virtual_alias_domains = domain1.tld domain2.tld domain3.tld domain4.tld
----
/etc/postfix/virtual :
----
@domain1.tld user2
@domain2.tld user1
@domain3.tld user2
@domain4.tld user1
----
/etc/aliases is empty
/etc/mailname contains only one line :
domain1.tld
