On 2013.10.28 21:54:00 +0100, Rudy Gevaert wrote: > Quoting wie...@porcupine.org (Wietse Venema), Fri, 25 Oct 2013: > >Adding check_sasl_sender_access support would not be difficult. > >It just hasn't been done yet.
Not explicit, but ... > Disabling the account is indeed a possibility, which we do now. > However because of the current setup, we can't only disable smtp > auth. Having an extra sender access map would have helped :) Here is just another workaround. Simply reject a given MAIL FROM address with 'check_sender_access', but make sure SASL authenticated users can't choose any arbitrary sender. Tie (SASL) login names to sender addresses using 'smtpd_sender_login_maps' unless it's already part of your setup. http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch -- Best regards, Manuel