On 1/5/2010 8:02 AM, Eric Williams wrote:
I've modified smtpd_recipient_restrictions to block incoming email with a
whitelist (/etc/postfix/access) as follows:
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
check_sender_access hash:/etc/postfix/access
reject
This works great so that entries in /etc/postfix/access like:
gmail.com OK
harvard.edu OK
allow incoming email from those domains, all others are rejected.
I would like to apply the same access list so that users sending mail through
this server can only reach those same domains.
I've tried lots of recipient checking configs but nothing works so far. I'd
rather not do this with the firewall, keeping the whitelist monitored by
postfix only.
Any suggestions? Thanks.
add to main.cf:
smtpd_sender_restrictions =
check_recipient_access hash:/etc/postfix/access
permit_auth_destination
reject
Leave your smtpd_recipient_restrictions as they are shown
above. This assumes the same domains are allowed for both
incoming and outgoing, and also allows local users to send
local mail. If you need to block local<->local, it gets trickier.
-- Noel Jones
