[TriLUG] Postfix security question

Jon Carnes jonc at nc.rr.com
Wed Jan 21 14:24:34 EST 2004


On Wed, 2004-01-21 at 11:31, joehome at wisdom.myftp.org wrote:
> Is there anyway to control what domains are allow from the MAIL
> FROM:me at somewereelse.com?
> 
> This is to stop people on my network from possibly sending out mail that
> is not from my domain.
> 
> I would like to do this without Cyrus SASL, but from inside postfix.
> 
> Thanks in advance,
> 
> Joe

You want to look in main.cf at the smtpd_recipient_restrictions and
tweak them. Here is a typical example:

smtpd_recipient_restrictions = permit_mynetworks,
         permit_tls_all_clientcerts,
         check_client_access hash:/etc/postfix/client_access,
         check_sender_access hash:/etc/postfix/sender_access,
         reject_unauth_destination

You probably want to get rid of the "permit_mynetworks".

I suggest you bring up a test server and play with getting it right on
that one, before adjusting the settings on your corporate server.

Good Luck - Jon Carnes




More information about the TriLUG mailing list