That would be great if it works.
It may be easy to forge, but it can be harder to guess depending on what
name I choose?
But you both mention relay - is that in the loose sense of the word? I
don't need to relay it do I? Just permit?
thanks
Dave
On 30/08/2020 23:31, Jaroslaw Rafa wrote:
Dnia 30.08.2020 o godz. 16:11:32 Viktor Dukhovni pisze:
There is, for good reason, no relay authorisation based on sender
address, because unlike a source IP address on your network (which is
difficult to forge with TCP) without being on your network, a sender
address is trivially forged by just using it. Sender addresses are
neither secret not difficult to forge.
Thus permit_mynetworks (and thus mynetworks) is a thing, but there
is no permit_sender_domain (nor thus mydomains).
However if someone wants to take a risk, I guess they can still put in
main.cf something like
smtpd_relay_restrictions = ..., check_sender_access /etc/postfix/relayuser, ...
where /etc/postfix/relayuser contains something like
usern...@domain.com PERMIT
Wouldn't it work?
