Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Disallow user to send external mails

2 views
Skip to first unread message

Denis Witt

unread,
Feb 7, 2012, 7:47:18 AM2/7/12
to
Hi,

I wonder if there is an easy solution to disallow a specific sender
(From-Header) to send e-mails to non $mydestination addresses.

Thanks in advance for any hint.

--
Best regards,
Denis Witt

Nikolaos Milas

unread,
Feb 7, 2012, 7:57:08 AM2/7/12
to
On 7/2/2012 2:47 μμ, Denis Witt wrote:

> Hi,
>
> I wonder if there is an easy solution to disallow a specific sender
> (From-Header) to send e-mails to non $mydestination addresses.
>
> Thanks in advance for any hint.
>

Check smtpd_sender_restrictions and/or smtpd_client_restrictions, as
well as restriction classes:
http://www.postfix.org/SMTPD_ACCESS_README.html
http://www.postfix.org/RESTRICTION_CLASS_README.html

/dev/rob0

unread,
Feb 7, 2012, 8:44:26 AM2/7/12
to
On Tue, Feb 07, 2012 at 02:57:08PM +0200, Nikolaos Milas wrote:
> On 7/2/2012 2:47 μμ, Denis Witt wrote:
> >
> >I wonder if there is an easy solution to disallow a specific
> >sender (From-Header) to send e-mails to non $mydestination
> >addresses.
> >
> >Thanks in advance for any hint.

While Nikolaos' links below are indeed the probable best answer,
another important clue is this: you must understand that headers
don't control mail routing. The restrictions below are applied
against the envelope addresses.

> Check smtpd_sender_restrictions and/or smtpd_client_restrictions,
> as well as restriction classes:
> http://www.postfix.org/SMTPD_ACCESS_README.html
> http://www.postfix.org/RESTRICTION_CLASS_README.html
--
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

Denis Witt

unread,
Feb 7, 2012, 9:46:24 AM2/7/12
to
Hi Nikolaos,

thanks a lot.

Denis Witt

unread,
Feb 8, 2012, 12:06:24 PM2/8/12
to
On 07.02.2012 13:57, Nikolaos Milas wrote:

>> I wonder if there is an easy solution to disallow a specific sender
>> (From-Header) to send e-mails to non $mydestination addresses.

> Check smtpd_sender_restrictions and/or smtpd_client_restrictions, as
> well as restriction classes:
> http://www.postfix.org/SMTPD_ACCESS_README.html
> http://www.postfix.org/RESTRICTION_CLASS_README.html

Hi again,

it seems that restriction classes, etc. are working fine if mail is send
by SMTP, not by local processes (sendmail, etc.). Is this correct or do
I miss something?

/dev/rob0

unread,
Feb 8, 2012, 12:43:29 PM2/8/12
to
On Wed, Feb 08, 2012 at 06:06:24PM +0100, Denis Witt wrote:
> On 07.02.2012 13:57, Nikolaos Milas wrote:
>
> >>I wonder if there is an easy solution to disallow a
> >>specific sender (From-Header) to send e-mails to non
> >>$mydestination addresses.
>
> >Check smtpd_sender_restrictions and/or
> >smtpd_client_restrictions, as well as restriction classes:
> >http://www.postfix.org/SMTPD_ACCESS_README.html
> >http://www.postfix.org/RESTRICTION_CLASS_README.html
>
> it seems that restriction classes, etc. are working fine
> if mail is send by SMTP, not by local processes (sendmail,
> etc.). Is this correct or do I miss something?

Correct. smtpd_* settings only apply to smtpd(8); sendmail(1) has no
feature to limit source and destination addresses. Your only choices
there would be to use authorized_submit_users to block access to
sendmail, or to write some kind of software to sit in front of
sendmail and check your access rules.

http://www.postfix.org/postconf.5.html#authorized_submit_users
http://www.postfix.org/sendmail.1.html
0 new messages