On Mon, May 14, 2012 at 01:20:02PM +0200, Amira Othman wrote:
> I have auth. And this is restrictions I have:
>
> smtpd_recipient_restrictions =
> permit_mynetworks
> permit_sasl_authenticated
> reject_unauth_destination
> reject_unknown_recipient_domain
>
> It rejects user that's not authenticated but for authenticated users
> it can send for all 3 ips
If you are willing to restrict each SASL user to a fixed sender
address, you can use "smtpd_sender_login_maps" and
"reject_authenticated_sender_login_mismatch" together with
"check_sender_access" to restrict submission access to just the
allowed senders.
Otherwise, you need to tweak SASL settings to restrict which users
can authenticate, which is mechanism dependent, and tricky. So with
luck the sender<->login restrictions above are a viable option.
--
Viktor.
