Cristobal Palmer wrote:
I have a site, bar.com, that will be receiving mail from clients such
as foo and baz who have their own domains, foo.com and baz.com.
I want to set things up such that mail to [EMAIL PROTECTED] only gets
through if it came from [EMAIL PROTECTED], likewise mail to [EMAIL PROTECTED]
should
be dropped if it didn't come from [EMAIL PROTECTED]
What's the _best_ way to do this if I'm using postfix? Something
directly in postfix? Procmail?
TIA,
CMP
Check out smtpd_sender_restrictions, you'll probably want to add a
check_sender_access table like this:
smtpd_sender_restrictions = check_sender_access
hash:/etc/postfix/incoming-domains
which points to a file with entries like these:
foo.com ok
baz.com ok
You'll also need to makemap hash /etc/postfix/incoming-domains to create
/etc/postfix/incoming-domains.db for the above example to be acceptably
fast (I think it'll work if you don't, just at a great performance peril).
More details can be found in the postfix documentation, here:
http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions
You'll probably want to do some other smtpd_sender_restrictions, and if
you've already got several of them add the one above in the style of the
others. Rejecting based on the MX might not be a bad idea either, as
it'll cut down on spoofing at the expense of a dns lookup for every
connection. If you can afford to do that depends on how likely someone
is to spoof mail to you maliciously, and what volumes of mail you're
talking about.
Please post back if you have further questions,
Aaron S. Joyner
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
