Am 06.05.22 um 11:04 schrieb Víctor Rubiella Monfort:
Thanks for the proposals, the main problem is accounts names and domains
could be totally different. I'm reconsidering this approach to add only
selected accounts to able to cross domains, simplifing automation and
increasing security. Although it requires more config for client.
Thanks a lot.
El 5/5/22 a las 15:23, Wietse Venema escribió:
V?ctor Rubiella Monfort:
Hello,
I'm working on a map for restrict MAIL_FROM declared on mail based on
sasl user authenticated.
For example if we want that all accounts for domain @domain1.com can
define MAIL_FROM @domain1.com and @domain2.com accounts:
@domain1.comaccou...@domain1.com accou...@domain2.com
accou...@domain2.com accou...@domain2.com
@domain2.comaccou...@domain1.com accou...@domain2.com
accou...@domain2.com accou...@domain2.com
Perhaps you can use reject_sender_login_mismatch with
main.cf:
smtpd_sender_login_maps = pcre:$config_directory/sender-login.pcre
sender-login.pcre
/^(.+)@domain1\.example$/ $1@domain1.example $1@domain2.example
/^(.+)@domain2\.example$/ $1@domain1.example $1@domain2.example
Assuming that the usernames are the same in different domains.
Wietse
perhaps this older milter "may" help too
https://github.com/croessner/vrfydmn
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein