On 07.05.25 12:57, Srinivasa Gowd S via Postfix-users wrote:
We would like to configure our Postfix server to meet the following
requirements:
1. Allow incoming emails from all external domains to all internal
users.
This is standard when recipient domain is metioned in mydestination,
virtual_alias_domains, virtual_mailbox_domains or relay_domains.
2. Restrict outgoing emails for all users so they can only send to a
list of allowed domains.
You can do this using restriction classes:
http://www.postfix.org/RESTRICTION_CLASS_README.html
or perhaps using external milter e.g. postfwd.
It's configuration is kinda complicated (although it's a good tool).
3. Allow specific privileged users to bypass this restriction and send
emails to any external domain.
This is default for local users, users autentized by sasl and users in
$mynetworks.
Below is our current configuration:
smtpd_recipient_restrictions =
check_recipient_access hash:/etc/postfix/recipient_access
This checks whether particular recipients are allowed.
check_sender_access hash:/etc/postfix/check_sender_access
This checks whether particilar senders are allowed.
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
check_policy_service unix:private/policyd-spf
permit
smtpd_relay_restrictions =
permit_mynetworks
permit_sasl_authenticated
defer_unauth_destination
reject_unauth_destination
There is nothing in this configuraton that would control which users may
send mail where.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I just got lost in thought. It was unfamiliar territory.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
