On 04.05.22 10:50, Víctor Rubiella Monfort wrote:
I'm working on a map for restrict MAIL_FROM declared on mail based on
sasl user authenticated.
For example if we want that all accounts for domain @domain1.com can
define MAIL_FROM @domain1.com and @domain2.co accounts:
@domain1.com accou...@domain1.com accou...@domain2.com
accou...@domain2.com accou...@domain2.com
@domain2.com accou...@domain1.com accou...@domain2.com
accou...@domain2.com accou...@domain2.com
I store this on map file and add this configuration on postfix:
smtpd_sender_login_maps: hash:/etc/postfix/sender_restrictions_map
smtpd_sender_restrictions
.....*
reject_sender_login_mismatch*
This seems works fine, but is incremental complexity of this map when
we add several domains and this domain has several accounts, for
example if we add 4 domains with 20, 30 o 50 accounts each one.
There are any way to do something like this:
@domain1.com @domain1.com,@domain2.com,@domain3.com
@domain2.com @domain1.com,@domain2.com,@domain3.com
@domain3.com @domain1.com,@domain2.com,@domain3.com
The final purpose is restrict domains can be used on MAIL_FROM, based
on domain used on SASL account. Without consider each account.
If you want to allow all accounts to specify all addresses in @domain1.com
and @domain2.com, why to specify them at all?
Not specifying @domain1.com and @domain2.com should not restrict sending mail
from those domains at all.
for unauthenticated clients, you can deny mail from: using
check_sender_access.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Christian Science Programming: "Let God Debug It!".
