On Thu, 19 Jun 2014, D'Arcy J.M. Cain wrote:
On Thu, 19 Jun 2014 08:17:49 +0300
Vytenis Sabaliauskas <[email protected]> wrote:
I'm struggling to stop abusing SASL usernames. My idea is to allow any
particular SASL username send only from his domain, that is "
[email protected]" can send from "[email protected]", but not from "
[email protected]".
I don't know how to do that but I wonder why you want to. The whole
point of authentication is to allow your users to get email without
having to trust the system they are coming in from. If you trust the
domain then just add it to mynetworks and don't bother with
authentication. I suggest authentication though so that your users can
get their email no matter where they are. People are mobile.
Whoa, whoa, whoa. The original poster was asking about sending email.
You're talking about getting email which is the role of an IMAP or POP
server such as Dovecot, not Postfix. Besides that, mynetworks defines
trusted IP addresses, not domains.
-- Larry Stone
[email protected]
