Dear community
I installed ISPCP some days ago and it perfectly integrated in my server environment. I was fighing with some sasl authdb stuff but that's working finally. Last thing in Postfix for sending mail are smtpd_sender_login_maps.
I would like to restrict mail from addresses to one specific account. For that I need a file (smtpd_sender_login_maps) that would look like this:
email1@domain1.tdl sasluser1
email2@domain1.tdl sasluser2
email1@domain2.tdl sasluser3
...
or in ISPCP style users basically
email1@domain1.tdl email1@domain1.tdl
email2@domain1.tdl email2@domain1.tdl
email1@domain2.tdl email1@domain2.tdl
...
Well, there is the sender-access file in /etc/postfix/ispcp, which looks like
email1@domain1.tdl OK
email2@domain1.tdl OK
email1@domain2.tdl OK
But with that I could not link a user as owner of one specific address.
Sooo... It must be really easy to change the sender-access file generation
from
email1@domain1.tdl OK
to
email1@domain1.tdl email1@domain1.tdl
but... how? where? ...help?
Thanks a lot!!
Found it...
I was greping my entire HDD for "OK"
here you go:
in
/var/www/ispcp/engine/ispcp-mbox-mngr
search for OK (it's in there two times) and change
'OK'
to
"$mail_acc\@$dmn_name"
the '' and "" are improtant.
In /etx/postfix/main.cf add one line:
smtpd_sender_login_maps=hash:/etc/postfix/ispcp/sender-access
and put reject_authenticated_sender_login_mismatch in smtpd_sender_restrictions.
smtpd_sender_restrictions = reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit_mynetworks,
reject_authenticated_sender_login_mismatch,
permit_sasl_authenticated
The result: if user "mail@domain.tdl" logs in to your mailserver, he can only send mail with "from: mail@domain.tdl" - so he/she cannot fake his/her from-address.
Search
Member List
Calendar
Help
/
Postfix: reject_sender_login_mismatch (smtpd_sender_login_maps needed)
