On Wed, May 30, 2012 at 05:05:16PM -0400, JLP wrote: > Originally, I was trying to make "smtpd_sender_restrictions" > work, but Noel Jones (thanks again!) clued-me into the > config-option "authorized_submit_users" when using the sendmail > (or derivative) binaries. I tried unsuccessfully making some > form of unix:group.byname work like these options: > authorized_submit_users=!unix:group.byname, static:all > authorized_submit_users=!unix:group.byname=badUnixGroup, static:all > > Short of creating a cronjob-script to regularly re/create a HASH > file of disallowed users in the Unix group, is there something > obvious I am missing?
You missed the postconf(5) manual, specifically the description of authorized_submit_users. Negation can apply to a /file/name but not to a type:table lookup. http://www.postfix.org/postconf.5.html#authorized_submit_users You'll want to make your list, e.g., /etc/postfix/nosend, and then negate the list: authorized_submit_users=!/etc/postfix/nosend, static:all Two bits of general advice: You might want to save a link in your browser to your $html_directory. Everything is in there; no need to guess. I don't see any reference to your "unix:group.byname=badUnixGroup" syntax, therefore I'd assume that it is not implemented. Having untrusted shell users on a machine is a bad idea. If you cannot trust them to honor your mail policies, can you trust them to refrain from other nefarious activities? -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
