On Tue, Feb 09, 2016 at 04:17:28PM +0100, Julian Kippels wrote:
> Hi,
> 
> I am trying to configure distribution lists with restricted senders.
> Scenario:
> I have testlist...@domain.tld with the recipients pers...@domain.tld,
> pers...@domain.tld and pers...@other.tld
> Only Person A should be allowed to send mails to testlist001.
> 
> I used http://www.postfix.org/RESTRICTION_CLASS_README.html#internal as
> a guideline. Here are the relevant lines of my config:
> 
> main.cf:
> smtpd_recipient_restrictions =
>   check_recipient_access ldap:/etc/postfix/broadcaster-lists.cf
> smtpd_restriction_classes = broadcaster_only
> broadcaster_only =
>   check_sender_access ldap:/etc/postfix/check-broadcaster.cf, reject
> 
> broadcaster-lists.cf:
> server_host = <ldaphost>
> server_port = 389
> search_base = xxx
> domain = xxx
> query_filter = (&(mail=%s)(mgrpallowedbroadcaster=*))
> bind = no
> result_attribute = mail
> result_format = %s broadcaster_only
> 
> (The mgrpallowedbroadcaster attribute holds all addresses allowed to
> broadcast, in this case there is only one such attribute with the key
> "pers...@domain.tld")
> 
> check-broadcaster.cf:
> server_host = <ldaphost>
> server_port = 389
> search_base = xxx
> domain = xxx
> query_filter = (mail=%s)
> bind = no
> result_attribute = mgrpAllowedBroadcaster
> result_format = %s OK
> 
> When I send a mail as pers...@domain.tld I get:
>  -> RCPT TO:<testlist...@domain.tld>
> <** 451 4.3.5 Server configuration error
> 
> and maillog says:
> Feb  9 15:38:11 mail-test postfix/smtpd[27665]: warning: unknown smtpd
> restriction: "testlist...@domain.tld"
> Feb  9 15:38:11 mail-test postfix/smtpd[27665]: NOQUEUE: reject: RCPT
> from localhost[::1]: 451 4.3.5 Server configuration error;
> from=<pers...@domain.tld> to=<testlist...@domain.tld> proto=ESMTP
> helo=<mail-test.domain.tld>
> 
> Sending mails to distribution lists that do not require an allowed
> broadcaster still works.
> 
> Can anyone help me with this?
> 
> Thanks in advance,
> Julian
Okay, I found the LDAP-config error on my own. The result_formats are
wrong. But this leads me to a follow-up question. How can I configure
a different restriction class for every distribution list? Do I really
need to create a separate class for each list?
For example: Person A is an allowed broadcaster for testlist001, Person
B and C are allowed broadcasters for testlist002. With this
configuration Person A would also be allowed to send to testlist002.
Is there a way to dynamically generate those restriction classes from
LDAP?

Julian

-- 
---------------------------------------------------------
| | Julian Kippels
| | M.Sc. Informatik
| |
| | Zentrum für Informations- und Medientechnologie
| | Heinrich-Heine-Universität Düsseldorf
| | Universitätsstr. 1
| | Raum 25.41.O1.36
| | 40225 Düsseldorf / Germany
| |
| | Tel: +49-211-811-4920
| | mail: kipp...@hhu.de
| | jabber: jukip...@xmpp.hhu.de
---------------------------------------------------------
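
One way to get a per-list decision without one restriction class per list, as an added example that is not part of the original message: a Postfix policy-delegation handler (the kind called through check_policy_service) that keys the allowed senders on the recipient list. The addresses, the function names and the in-memory directory are constructed stand-ins for the LDAP mgrpAllowedBroadcaster lookup.

```python
# Added example: per-list sender check as a Postfix policy-delegation decision.
# Assumption: a dict stands in for the LDAP mgrpAllowedBroadcaster lookup.

# Constructed sample data: list address -> addresses allowed to post to it.
ALLOWED_BROADCASTERS = {
    "testlist001@example.test": {"person-a@example.test"},
    "testlist002@example.test": {"person-b@example.test", "person-c@example.test"},
}

# Constructed request, in the name=value form smtpd sends at RCPT TO.
SAMPLE_REQUEST = (
    "request=smtpd_access_policy\n"
    "protocol_state=RCPT\n"
    "sender=person-a@example.test\n"
    "recipient=testlist002@example.test\n"
    "\n"
)

def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break  # the empty line terminates the request
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs

def decide(attrs, directory=ALLOWED_BROADCASTERS):
    """Return the access action for one RCPT TO, keyed on the recipient."""
    recipient = attrs.get("recipient", "").lower()
    sender = attrs.get("sender", "").lower()
    allowed = directory.get(recipient)
    if allowed is None:
        return "DUNNO"  # not a restricted list: later restrictions decide
    if sender in allowed:
        return "DUNNO"  # authorized for this list, and only this list
    return "REJECT Not authorized to send to this list"

def respond(text):
    """Build the reply Postfix expects: action=<result> plus an empty line."""
    return "action=%s\n\n" % decide(parse_request(text))

if __name__ == "__main__":
    # Person A is allowed on testlist001 only, so this request is rejected.
    print(respond(SAMPLE_REQUEST), end="")
```

The envelope sender is supplied by the client, so this check only means something where the sender address is bound to an authenticated login; the policy request also carries `sasl_username` for that purpose.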