On Wed 24 Nov 2004 16:32, you wrote:
>     I don't want relying based on sender's domain !!!!

are you angry?

>
>     I have a lot of users/accounts and some of them must not
> be able to send mail to the "internet" .. just to the local domain
>     so I think of something like this:
>     1) have another LDAP attribute and qmail-smtpd looks for
> this attribute and, if it is set, just does another verification
> on the recipient domain and, if it is not in rcpthosts, drops the
> connection
>     or
>     2) qmail-smtpd looks into another control file
> (~controls/<some file>) and, if the sender's address is listed
> in this file, checks the recipient domain and, if it is not in
> rcpthosts, drops the connection
>
>     something like postfix is doing !!!!!
>

The best way to selectively authorize users to send mails out of your domain
is based on IP address using TCPSERVER and RELAYCLIENT env or some kind of
authentication (AUTH SMTP, SMTP-AFTER-POP).
Some people use different databases for SMTP authentication and POP, putting
in the SMTP authentication database only the users authorized to relay.

You could also write a wrapper for qmail-queue to determine, based on the sender
address, whether the mail is allowed to relay or not. But as already said, the
address can be forged.

Look in the qmail list. That issue was actively discussed before on that list.

> --- Brian Reichert <[EMAIL PROTECTED]> wrote:
> > On Sun, Nov 21, 2004 at 11:37:13PM -0800, Mihai Costache wrote:
> > > second: can somebody tell me how to make qmail-smtpd
> > > check the sender domain, sender email address and recipient
> > > domain when mails come from relay hosts ... and if the
> > > sender domain is not in ~control/rcpthosts(.cdb) to reject
> > > these emails, and to be able to do something like this: to have a
> > > list of local email addresses who can send mails only to
> > > local domains (aka domains listed in
> > > ~control/rcpthosts(.cdb) or ~control/locals(.cdb))
> >
> > It depends on what you're trying to accomplish.
> >
> > Bear in mind that the sender's domain can be forged. Relying on
> > the sender's domain to control relaying isn't very useful.
> >
> > It _sounds_ like what you want is known people from known hosts to
> > be able to relay.
> >
> > If that's the case, you should look into SMTP AUTH; that forces
> > people's mail clients to provide a password, such that when
> > they've authenticated, they're allowed to relay through that mail
> > server...
> >
> > > thanks,
> > > Mihai
> >
> > --
> > Brian Reichert                              <[EMAIL PROTECTED]>
> > 37 Crystal Ave. #303                        Daytime number: (603) 434-6842
> > Derry NH 03038-1713 USA                     BSD admin/developer at large

GL,
-- 
Fábio Gomes                                <[EMAIL PROTECTED]>
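
The decision logic for the qmail-queue wrapper mentioned in the reply above, as an added example that is not code from this thread or from qmail. It assumes the qmail-queue envelope format (`F<sender>\0T<recipient>\0...\0` on descriptor 1) and a hypothetical set of local-only senders; as the thread points out, the envelope sender can be forged, so this only restricts clients that do not lie about it.

```python
# Added example: relay decision for a qmail-queue wrapper (hypothetical names).
# A real wrapper would read the envelope from fd 1, exit 31 (qmail-queue's
# "permanently rejected" code) when relay_allowed() is False, and otherwise
# hand message and envelope unchanged to the real qmail-queue.

def parse_envelope(raw: bytes):
    """Parse a qmail-queue envelope: F<sender>\\0 T<rcpt>\\0 ... \\0."""
    fields = raw.split(b"\0")
    if not fields[0].startswith(b"F"):
        raise ValueError("envelope must start with F<sender>")
    sender = fields[0][1:].decode("latin-1").lower()
    rcpts = []
    for field in fields[1:]:
        if field == b"":
            break  # an empty field terminates the recipient list
        if not field.startswith(b"T"):
            raise ValueError("recipient field must start with T")
        rcpts.append(field[1:].decode("latin-1").lower())
    return sender, rcpts

def domain_listed(addr: str, rcpthosts: set) -> bool:
    """Match as rcpthosts does: exact host, or a '.suffix' wildcard entry."""
    if "@" not in addr:
        return True  # no domain part: delivered locally
    host = addr.rsplit("@", 1)[1]
    if host in rcpthosts:
        return True
    return any(host[i:] in rcpthosts for i, c in enumerate(host) if c == ".")

def relay_allowed(sender, rcpts, local_only, rcpthosts) -> bool:
    """Senders listed in local_only may reach only domains in rcpthosts."""
    if sender not in local_only:
        return True
    return all(domain_listed(r, rcpthosts) for r in rcpts)

# Constructed sample data, not taken from any real system.
SAMPLE = b"Fbob@example.com\0Talice@example.com\0Tcarol@example.net\0\0"
LOCAL_ONLY = {"bob@example.com"}
RCPTHOSTS = {"example.com", ".example.org"}

if __name__ == "__main__":
    sender, rcpts = parse_envelope(SAMPLE)
    ok = relay_allowed(sender, rcpts, LOCAL_ONLY, RCPTHOSTS)
    print(sender, rcpts, "accept" if ok else "reject (exit 31)")
```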