On 10/14/2014 9:38 AM, Ben Johnson wrote: > So, your suggestion to use authorized_submit_users looks very attractive > in that respect. But given that this facility only controls the system > users who may submit mail, I'm left wanting for a means by which to > control authentication requirements, instead of outright forbidding > sending. And my only reason for wanting the authentication requirement > is to trace abusive sending to a particular website that is hosted on > this system.
You seem to be missing the point that when you use the local sendmail(1) interface, the userID *is* the authentication. Postfix must either accept or reject the mail based solely on the userID. To use more robust username/password authentication, you must use SMTP AUTH, which of course requires mail be submitted via SMTP rather than sendmail(1). -- Noel Jones