Hi Julio, I tested and it did not work for local users, access is denied (sending not possible) only for external ones. Mail is sent to [email protected] <mailto:[email protected]> regardless if local sender address is in the insiders map or not. I use lmtp for local mail delivery, could that be a problem? With kind regards, Ivars
> On 24 Aug 2022, at 17:12, julio covolato <[email protected]> wrote: > > > Em 24/08/2022 10:08, Ivars Strazdins escreveu: >> Hello Postfix Experts, >> let’s say that domain.com <http://domain.com/> is Postfix $mydomain. >> I know that it is possible to protect /etc/postfix/protected_destinations >> from external senders, as per >> https://www.postfix.org/RESTRICTION_CLASS_README.html >> <https://www.postfix.org/RESTRICTION_CLASS_README.html> >> >> But is it possible to limit users from the same domain who can send mails to >> an internal email distribution list? >> In other words, is it possible to setup Postfix so that >> [email protected] <mailto:[email protected]> CAN send an email to >> /etc/postfix/protected_destinations <mailto:[email protected]> >> [email protected] <mailto:[email protected]> CANNOT send an email to >> [email protected] <mailto:[email protected]> >> >> [email protected] <mailto:[email protected]> is a simple Postfix alias. >> >> Thanks for your time, >> Ivars > Hi, yes, you can. > > main.cf: > > smtpd_restriction_classes = insiders_only > insiders_only = check_sender_access hash:/etc/postfix/insiders, reject > ... > ... > smtpd_recipient_restrictions = check_recipient_access > hash:/etc/postfix/protected_destinations > ... > ... > > /etc/postfix/insiders: > > [email protected] <mailto:[email protected]> OK > [email protected] <mailto:[email protected]> OK > > /etc/postfix/protected_destinations: > > [email protected] <mailto:[email protected]> insiders_only > [email protected] <mailto:[email protected]> insiders_only > > $ postmap /etc/postfix/protected_destinations > $ postmap /etc/postfix/insiders > $ postfix reload > > ---------------------------------- > _ Engº Julio Cesar Covolato > 0v0 <[email protected]> <mailto:[email protected]> > /(_)\ F: 55-11-99175-9260 > ^ ^ PSI INTERNET > ----------------------------------
