[TriLUG] Postfix security question
Jon Carnes
jonc at nc.rr.com
Wed Jan 21 14:24:34 EST 2004
On Wed, 2004-01-21 at 11:31, joehome at wisdom.myftp.org wrote:
> Is there anyway to control what domains are allow from the MAIL
> FROM:me at somewereelse.com?
>
> This is to stop people on my network from possibly sending out mail that
> is not from my domain.
>
> I would like to do this without Cyrus SASL, but from inside postfix.
>
> Thanks in advance,
>
> Joe
You want to look in main.cf at the smtpd_recipient_restrictions and
tweak them. Here is a typical example:
smtpd_recipient_restrictions = permit_mynetworks,
permit_tls_all_clientcerts,
check_client_access hash:/etc/postfix/client_access,
check_sender_access hash:/etc/postfix/sender_access,
reject_unauth_destination
You probably want to get rid of the "permit_mynetworks".
I suggest you bring up a test server and play with getting it right on
that one, before adjusting the settings on your corporate server.
Good Luck - Jon Carnes
More information about the TriLUG
mailing list