Re: Limit an account to 1 email address
> >> Each of my systems sends alerts to my mail server for delivery to my email address through a special user account
> >> on my mail server with no shell account which is only used for this purpose. Can I limit all mail sent by
> >> authenticating through this user account so that it can only be delivered to my email address? The user's password
> >> is stored in plain text in ssmtp.conf on each of my systems but I figure that doesn't matter if it can only be used
> >> to send mail to my address.
> > do you mean a catch-all address?
> > sorry but the decription of your goal is weird
> maybe OP is trying to say: this sender can only send to a specifc email
> address. if so, restriction classes can help:
> if not, OP is invited to state his goal with an example.
I'm sorry for the weird description. I want to send email alerts from each of my systems to my own email address. To do this, I've created a special user on my mail server and put that user's password in ssmtp.conf on each of my systems. Since this is not a secure way to store a password, I'd like to lock down the special user on my mail server so that any mail client authenticating as that user can only send email to my email address. That way the password doesn't need to be secure.- Grant
- On 12/9/2012 2:35 PM, Grant wrote:
> I'm sorry for the weird description. I want to send email alertsTo really lock this down requires two steps:
> from each of my systems to my own email address. To do this, I've
> created a special user on my mail server and put that user's
> password in ssmtp.conf on each of my systems. Since this is not a
> secure way to store a password, I'd like to lock down the special
> user on my mail server so that any mail client authenticating as
> that user can only send email to my email address. That way the
> password doesn't need to be secure.
> - Grant
1 - limit the credentials to a specific sender address.
2 - limit the sender address to a specific recipient.
smtpd_sender_login_maps = hash:/etc/postfix/sender_login
user@... REDIRECT target@...
The reject_sender_login_mismatch will limit which MAIL FROM can be
used with the credentials.
The REDIRECT will capture all mail from that sender and direct it to
the specified user, regardless of where it was originally addressed.
Rather than the REDIRECT, some folks might prefer to use a
restriction class to reject mail addressed to the wrong recipient.
And as a final option, you can do all this and more in an external
policy service. (eg. postfwd)
-- Noel Jones