mj:
> Hi all,
>
> Is there a way to limit/restrict the usernames that are allowed to use
> our postfix dovecot-sasl authenticated smtp relay?
In smtpd_client_restrictions, use check_sasl_access:
check_sasl_access type:table
Use the remote SMTP client SASL user name as lookup key for the
specified access(5) database. The lookup key has the form "user-
name@domainname" when the smtpd_sasl_local_domain parameter
value is non-empty. Unlike the check_client_access feature,
check_sasl_access does not perform matches of parent domains or
IP subnet ranges. This feature is available with Postfix ver-
sion 2.11 and later.
Wietse
