Loading ...
Sorry, an error occurred while loading the content.

294563RE: smtpd_sender_login_maps and out of office messages

Expand Messages
  • James Day
    Aug 1, 2013
    • 0 Attachment
      > -----Original Message-----
      > From: owner-postfix-users@... [mailto:owner-postfix-
      > users@...] On Behalf Of Wietse Venema
      > Sent: Wednesday, July 31, 2013 12:06 PM
      > To: Postfix users
      > Subject: Re: smtpd_sender_login_maps and out of office messages
      >
      > James Day:
      > > Hello list,
      > >
      > > Hopefully a simple question but I can't seem to find the answer in the
      > > documentation (maybe my Google skills are lacking!).
      > >
      > > I'm using smtpd_sender_login_maps to ensure that users relaying only
      > > send mail from their own domains.
      > >
      > > Is it possible to allow an exception for out of office messages /
      > > automatic replies (ie where there is no sender address)?
      >
      > It is possible.
      >
      > You would need to "permit" the null envelope sender address before
      > enforcing reject_sender_login_mismatch. At the same time this should not
      > make you an open relay for mail from <>.
      >
      > For these reasons I suggest moving reject_sender_login_mismatch out of
      > smtpd_recipient_restrictions, and into smtpd_sender_restrictions.
      >
      > /etc/postfix/main.cf:
      > smtpd_sender_restrictions =
      > check_sender_access hash:/etc/postfix/sender_access
      > reject_sender_login_mismatch
      >
      > /etc/postfix/sender_access:
      > <> permit
      >
      > The <> is a surrogate for the empty adress, and is configured with the
      > smtpd_null_access_lookup_key parameter. Postfix never queries a table
      > with the null-string lookup key.
      >
      > Wietse

      Thanks Wietse.

      This is my working configuration (hopefully you can't see any issues)

      /etc/postfix/main.cf

      ...

      smtpd_recipient_restrictions =
      permit_sasl_authenticated
      reject

      smtpd_sender_restrictions =
      check_sender_access hash:/etc/postfix/sender_access
      reject_sender_login_mismatch

      ...

      /etc/postfix/sender_access:
      <> permit

      Kind regards,

      James Day
    • Show all 3 messages in this topic