On Fri, Mar 06, 2015 at 01:54:54AM +0000, Mick wrote:
> Hi Markus,
>
> I am pleased to say my 'moonshine' perl based policy is now up and running.
>
>
> Benning, Markus wrote:
> >The reject_sender_login_mismatch in smtpd_sender_restriction
> >already does that
> >as a native postfix check:
> I didn't know that. There is a lot I don't know or understand, which
> is why I decided to try to come up with something myself. Regarding
> blocking sender login mismatch, I will keep that in the policy. I
> added an extra field to the policy mysql DB table enabling mailboxes
> to be group linked by an administrator. This means that an SMTP
> login within a specific group, can send messages on behalf of anyone
> else provided that has the same group code. A very simple addition
> where both the sender and sasl-username are cross checked with the
> group name (if any).
>
> $action= "action=DUNNO\n\n";
> if ($sasl_username ne $sender)
> {
> if(length($sasllink)>0 && length($senderlink)>0 && $sasllink eq
> $senderlink) {}
> else { $action= "action=REJECT Not authorised\n\n";}
> }
> }
Suggestion:
$action =
$sasl_username eq $sender || (length($sasllink) && $sasllink eq
$senderlink)
? "action=DUNNO\n\n";
: "action=REJECT Not authorised\n\n"
Paul.
--
Paul Hoffman <p...@flo.org>
Systems Librarian
Fenway Libraries Online
c/o Wentworth Institute of Technology
550 Huntington Ave.
Boston, MA 02115
(617) 442-2384 (FLO main number)
