Re: restricting few users from sending mails outside domain (mymailsystem.com)
Ohh GREAT Noel! that sorted the issue out .. I was using roundcube to test this but once you specified that its using sendmail instead of smtp it clicked the right button, roundcube by default uses available mta and do not look for smtp auth. I have adjusted roundcube to go for smtp and it worked like charm. For other users references, this is the final conf which worked for me as expected : main.cf : smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders,permit_mynetworks,permit_sasl_authenticated,check_client_access mysql:/etc/postfix/mysql_popbsmtp_access_maps.cf,check_client_access hash:/etc/postfix/relay,reject_unauth_destination smtpd_restriction_classes = localonly localonly = check_recipient_access hash:/etc/postfix/localdomains, reject smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot Roundcube main.inc.php : $rcmail_config['smtp_server'] = 'tls://%h'; $rcmail_config['smtp_port'] = 25; $rcmail_config['smtp_user'] = '%u'; $rcmail_config['smtp_pass'] = '%p'; Thanks guys! Now I just need to find the button for "marked as solved" :) -- View this message in context: http://postfix.1071664.n5.nabble.com/restricting-few-users-from-sending-mails-outside-domain-mymailsystem-com-tp61996p62018.html Sent from the Postfix Users mailing list archive at Nabble.com.
Re: restricting few users from sending mails outside domain (mymailsystem.com)
On 10/8/2013 5:27 AM, virtualpostfix wrote: > Hi Nik, > > Thanks for quick reply, yes the postfix version is 2.6 : > > [root@posttestbox postfix]# postconf -d mail_version > mail_version = 2.6.6 > > Here is how I tried the suggestion in main.cf : > > smtpd_relay_restrictions = localonly > localonly = check_recipient_access hash:/etc/postfix/localdomains, reject > smtpd_sasl_auth_enable = yes > smtpd_recipient_restrictions = check_sender_access > hash:/etc/postfix/restricted_senders,permit_mynetworks,permit_sasl_authenticated,check_client_access > mysql:/etc/postfix/mysql_popbsmtp_access_maps.cf,check_client_access > hash:/etc/postfix/relay,reject_unauth_destination > smtpd_sasl_path = private/auth > smtpd_sasl_type = dovecot > > > But user is still able to send mails outside domain, here is current log > happening (from postfix restart): > > Oct 8 23:38:03 posttestbox postfix/postfix-script[32074]: starting the > Postfix mail system > Oct 8 23:38:03 posttestbox postfix/master[32075]: daemon started -- version > 2.6.6, configuration /etc/postfix > Oct 8 23:38:22 posttestbox postfix/pickup[32079]: 7C52E635C6: uid=48 > from= The postfix smtpd_*_restrictions only apply to mail submitted via SMTP. This message was submitted via the local sendmail(1) command by user 48. If this is a webmail system, perhaps you can change it to submit mail via SMTP. -- Noel Jones > Oct 8 23:38:22 posttestbox postfix/cleanup[32093]: 7C52E635C6: > message-id=<8834f0da5847e89290d0bafe5c9d1668@mymailsystem.local> > Oct 8 23:38:22 posttestbox postfix/qmgr[32080]: 7C52E635C6: > from=, size=557, nrcpt=1 (queue active) > Oct 8 23:38:25 posttestbox postfix/smtp[32102]: connect to > gmail-smtp-in.l.google.com[2607:f8b0:400e:c01::1a]:25: Network is > unreachable > Oct 8 23:38:27 posttestbox postfix/smtp[32102]: 7C52E635C6: > to=, > relay=gmail-smtp-in.l.google.com[74.125.129.27]:25, delay=5.1, > delays=0.15/0.01/3.5/1.4, dsn=2.0.0, status=sent (250 2.0.0 OK 1381227533 > hb3si26717605pac.65 - gsmtp) > Oct 8 23:38:27 posttestbox postfix/qmgr[32080]: 7C52E635C6: removed > > I am trying to use the suggestions in more possible ways but shared current > status in case it helps. > > Thanks > > > > -- > View this message in context: > http://postfix.1071664.n5.nabble.com/restricting-few-users-from-sending-mails-outside-domain-mymailsystem-com-tp61996p62002.html > Sent from the Postfix Users mailing list archive at Nabble.com. >
Re: restricting few users from sending mails outside domain (mymailsystem.com)
ohh lol yes! right Charles. Uhh I guess this issue is taking away my head. Thanks Charles. -- View this message in context: http://postfix.1071664.n5.nabble.com/restricting-few-users-from-sending-mails-outside-domain-mymailsystem-com-tp61996p62005.html Sent from the Postfix Users mailing list archive at Nabble.com.
Re: restricting few users from sending mails outside domain (mymailsystem.com)
On 2013-10-08 6:27 AM, virtualpostfix wrote: [root@posttestbox postfix]# postconf -d mail_version mail_version = 2.6.6 ? 2.6 is NOT >= 2.10 -- Best regards, */Charles/*
Re: restricting few users from sending mails outside domain (mymailsystem.com)
Hi Nik, Thanks for quick reply, yes the postfix version is 2.6 : [root@posttestbox postfix]# postconf -d mail_version mail_version = 2.6.6 Here is how I tried the suggestion in main.cf : smtpd_relay_restrictions = localonly localonly = check_recipient_access hash:/etc/postfix/localdomains, reject smtpd_sasl_auth_enable = yes smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders,permit_mynetworks,permit_sasl_authenticated,check_client_access mysql:/etc/postfix/mysql_popbsmtp_access_maps.cf,check_client_access hash:/etc/postfix/relay,reject_unauth_destination smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot But user is still able to send mails outside domain, here is current log happening (from postfix restart): Oct 8 23:38:03 posttestbox postfix/postfix-script[32074]: starting the Postfix mail system Oct 8 23:38:03 posttestbox postfix/master[32075]: daemon started -- version 2.6.6, configuration /etc/postfix Oct 8 23:38:22 posttestbox postfix/pickup[32079]: 7C52E635C6: uid=48 from= Oct 8 23:38:22 posttestbox postfix/cleanup[32093]: 7C52E635C6: message-id=<8834f0da5847e89290d0bafe5c9d1668@mymailsystem.local> Oct 8 23:38:22 posttestbox postfix/qmgr[32080]: 7C52E635C6: from=, size=557, nrcpt=1 (queue active) Oct 8 23:38:25 posttestbox postfix/smtp[32102]: connect to gmail-smtp-in.l.google.com[2607:f8b0:400e:c01::1a]:25: Network is unreachable Oct 8 23:38:27 posttestbox postfix/smtp[32102]: 7C52E635C6: to=, relay=gmail-smtp-in.l.google.com[74.125.129.27]:25, delay=5.1, delays=0.15/0.01/3.5/1.4, dsn=2.0.0, status=sent (250 2.0.0 OK 1381227533 hb3si26717605pac.65 - gsmtp) Oct 8 23:38:27 posttestbox postfix/qmgr[32080]: 7C52E635C6: removed I am trying to use the suggestions in more possible ways but shared current status in case it helps. Thanks -- View this message in context: http://postfix.1071664.n5.nabble.com/restricting-few-users-from-sending-mails-outside-domain-mymailsystem-com-tp61996p62002.html Sent from the Postfix Users mailing list archive at Nabble.com.
Re: restricting few users from sending mails outside domain (mymailsystem.com)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dominik George schrieb: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA512 > >Hi, > >>smtpd_recipient_restrictions = check_sender_access > >Are you using Postfix >=2.10? If so, have you tried smtpd_relay_access? smtpd_relay_restrictions, anyway. - -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet. -BEGIN PGP SIGNATURE- Version: APG v1.0.8-fdroid iQFNBAEBCgA3BQJSU9L6MBxEb21pbmlrIEdlb3JnZSAobW9iaWxlIGtleSkgPG5p a0BuYXR1cmFsbmV0LmRlPgAKCRAvLbGk0zMOJfp/CACm7AT1jPeggEKy2qV4jasS XzJZcWD8lvoLtipQxTUqHni/qm/TCjwqm4UYfTbfw85b/MivsKWZZaRJbphRG0c0 +jyKCW2VSLcIePZ6rHMzmikk54XlSxvw3eo9Afvh95dMpO4/jK+DorbHdvuPEnMk 3lQBRD3JSVXpGzYekigMhQ6R9Ze+S8yl5oCUyl6p6LFOmZCuvJXqfbXlivEqqRja iR2s+WDJUgRcjbVWJiYQU/2q6APBaB3F33asWcYjwHqQP2jb6hLbe9CoZ5NtE+dq suXeX8KjNhqAxuIoQpS3H85YbSkwOBfwFZ9nkZ7yj/oEDXmFYrwpARmckx3jfp6/ =+887 -END PGP SIGNATURE-
Re: restricting few users from sending mails outside domain (mymailsystem.com)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, >smtpd_recipient_restrictions = check_sender_access Are you using Postfix >=2.10? If so, have you tried smtpd_relay_access? Cheers, Nik -BEGIN PGP SIGNATURE- Version: APG v1.0.8-fdroid iQFNBAEBCgA3BQJSU9BkMBxEb21pbmlrIEdlb3JnZSAobW9iaWxlIGtleSkgPG5p a0BuYXR1cmFsbmV0LmRlPgAKCRAvLbGk0zMOJe0rCACZiUkFvXjwyNs1Z0Nh9mZA veCBa/H0a0PIPPz46thmK0V23YOecpCcV8+1GQ22mx/5gSSExSBSNGFvvGu9feoy REMKJuxIgcqMvuG3Ky1TgSWdtSCsy4YIJ7GxzYrNpngAx5myGvwX1/siYsnUqfNu ug4U8F9y8toCYcwLOse8OSb751tv6YyL8C2bhdcCDQo1jyj0d9Kn9p5xTE3FhjRz QovG3suuEr860yGyjvYHO2uDbioyaByo5PX0qgsUkktWDvUAYyF3sIjI5pmejoK3 cHNV85D6EWWULR3jypUHYJ+Lzz3F4wP1bImCLQnjmkXjgmBdBr+9f80L0Rc5HE/Q =l1Hi -END PGP SIGNATURE-
