SOLVED Re: Restricting authorized email destinations for some users
- mouss a écrit :
> Sylvain MEDEOT wrote:Yes, it definitely works. Many thanks for your help and the help from the list.
>> mouss a écrit :
>>> Sylvain MEDEOT wrote:
>>>> I need to restrict some of my local mail accounts in order for them to be allowed to send
>>>> mails only to specific email adresses.
>>>> account@... => account@...
>>>> => account2@...
>>>> => *@...
>>>> To do so, I was thinking about regexp in header_check but I am not sure that it is the
>>>> best way to do so.
>>>> Can somebody on the list point me to the best way to do that ?
>>> if you have few such "rules", then you can use restriction classes.
>>> if you want a more flexible way, then you can use a policy service as
>>> already suggested. I think apolicy does things like this. It may also be
>>> possible to setup a configuration based on Cami's policyd (sorry for the
>>> new maintainer, I'm too used to calling it like this), but I can't swear
>> I followed your suggestion and wrote a policy service.
>> It works well with local users but I get a relay denied when my users try to send mails
>> outside our domain. Postfix is configured as follows :
>> smtpd_recipient_restrictions is : = reject_unauth_destination check_policy_service
>> Then it I change smtpd_recipient_restrictions to
>> smtpd_recipient_restrictions is : = permit_mynetworks reject_unauth_destination
>> check_policy_service unix:private/policy
>> ...but then any local user can send mail without the policy being checked...
> put the policy check under smtpd_sender_restrictions and you're done.