On 13/08/22 01:00, Jaroslaw Rafa wrote:
Dnia 12.08.2022 o godz. 13:23:25 Dominik George pisze:
By the way: does anybody know of a tool ready to use with Postfix, that
does exactly this and only this, ie. allows to define sender/recipient pairs
that are (with "default deny") or aren't (with "default allow") allowed to
send mail to each other?
Postfix can do this without any special tool or additional patches:
smtpd_relay_restrictions = ...
check_sender_access hash:/etc/postfix/sender-recip
/etc/postfix/sender-recip:
# Joe is only allowed to send to Bob
j...@example.com check_recipient_access
inline:{b...@example.com=permit},reject
# Jane is not allowed to send to Joe or Bob but can send to anyone else
j...@example.com check_recipient_access inline:{j...@example.com=reject,
b...@example.com=reject},permit
# Jeff is allowed to send to anyone who's address begins with a "j" (far
fetched, I know but it illustrates the example)
j...@example.com check_recipient_access pcre:{{/^j/ permit}},reject
Note: None of these examples are tested and I may have gotten the syntax
wrong, but the premise is that the result of an access(5) lookup can be
additional restrictions, combine this with the use of inline tables (or
pcre/regexp tables using the documented inline syntax) and you can do
quite a bit.
Relevant docs: access(5), DATABASE_README, pcre_table(5),
regexp_table(5), and of course postconf(5). SMTPD_ACCESS_README and
RESTRICTION_CLASS_README (while not directly applicable to this) may
also be helpful.
Peter
