Loading ...
Sorry, an error occurred while loading the content.

reject_sender_login_mismatch doc

Expand Messages
  • johnea
    The postfix documentation regarding reject_sender_login_mismatch: http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch or maybe in here:
    Message 1 of 3 , Aug 1, 2009
    • 0 Attachment
      The postfix documentation regarding reject_sender_login_mismatch:

      http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch
      or maybe in here:
      http://www.postfix.org/SMTPD_ACCESS_README.html

      Specifically the reject_authenticated_* and reject_unauthenticated_*
      forms, would greatly benefit from this small snippet from the mailing
      list archives:

      http://archives.neohapsis.com/archives/postfix/2009-01/0523.html

      I was really not clear on how this worked until finding this.

      Although I'm still not sure why the reject_authenticated_* one
      is useful.

      Thank You to everyone contributing to postfix!

      I hope this small addition can make it into the docs...

      johnea

      ~~~~~~~~~~~~~~~~ snippet from mail archives ~~~~~~~~~~~~~~~~
      to sum up:

      - if foo@... can only be used by user 'foo', then use
      reject_sender_login_mismatch

      - if foo@... must be authenticated (but you don't care who the
      user is), then use reject_unauthenticated_sender_login_mismatch

      - if foo@... can be used (without auth) OR (if auth'ed, the user
      must be 'foo'), then use reject_authenticated_sender_login_mismatch

      <advanced>
      you can implement this on a per sender basis using a check_sender_access
      with a map that returns one of the above depending on the sender.

      for example:

      smtpd_sender_restrictions =
      check_sender_access hash:/etc/postfix/access_sender_login

      == access_sender_login:
      joe@... reject_sender_login_mismatch
      jim@... reject_authenticated_sender_login_mismatch
      jane@... reject_unauthenticated_sender_login_mismatch
      foo@... DUNNO
      example.com reject_sender_login_mismatch
      </advanced>
    • /dev/rob0
      ... I just looked for this feature in the past couple of days, and the first place I looked was in SASL_README. I found it in the credits at the bottom, but
      Message 2 of 3 , Aug 1, 2009
      • 0 Attachment
        On Saturday 01 August 2009 10:15:08 johnea wrote:
        > The postfix documentation regarding reject_sender_login_mismatch:
        >
        > http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch
        > or maybe in here:
        > http://www.postfix.org/SMTPD_ACCESS_README.html
        >
        > Specifically the reject_authenticated_* and reject_unauthenticated_*
        > forms, would greatly benefit from this small snippet from the mailing
        > list archives:
        >
        > http://archives.neohapsis.com/archives/postfix/2009-01/0523.html

        I just looked for this feature in the past couple of days, and the
        first place I looked was in SASL_README. I found it in the credits at
        the bottom, but that was the only place.

        It's a SASL-specific feature, it's a FAQ on the list, so I would
        suggest inclusion in the SASL_README.

        Note, I am not commenting on Mouss' original text, since I have never
        needed to implement sender mismatch features. My comment is merely
        regarding a perceived need for this in said README.
        --
        Offlist mail to this address is discarded unless
        "/dev/rob0" or "not-spam" is in Subject: header
      • mouss
        ... I played with the various configs just to see how I could put most of the config in mysql. Otherwise, reject_sender_login_mismatch is probably enough for
        Message 3 of 3 , Aug 1, 2009
        • 0 Attachment
          /dev/rob0 a écrit :
          > On Saturday 01 August 2009 10:15:08 johnea wrote:
          >> The postfix documentation regarding reject_sender_login_mismatch:
          >>
          >> http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch
          >> or maybe in here:
          >> http://www.postfix.org/SMTPD_ACCESS_README.html
          >>
          >> Specifically the reject_authenticated_* and reject_unauthenticated_*
          >> forms, would greatly benefit from this small snippet from the mailing
          >> list archives:
          >>
          >> http://archives.neohapsis.com/archives/postfix/2009-01/0523.html
          >
          > I just looked for this feature in the past couple of days, and the
          > first place I looked was in SASL_README. I found it in the credits at
          > the bottom, but that was the only place.
          >
          > It's a SASL-specific feature, it's a FAQ on the list, so I would
          > suggest inclusion in the SASL_README.
          >
          > Note, I am not commenting on Mouss' original text, since I have never
          > needed to implement sender mismatch features. My comment is merely
          > regarding a perceived need for this in said README.


          I played with the various configs just to see how I could put most of
          the config in mysql. Otherwise, reject_sender_login_mismatch is probably
          enough for most cases.
        Your message has been successfully submitted and would be delivered to recipients shortly.