How can I create a user account filter with postfix?
I am using this config.
I'm looking to create a white-list of email addresses that are allowed to send mail to my son's email address. Basically, I'm trying to do this: if from not in ('dad@home.net','mom@home.net','unclebill@work.org') then deliver to 'dad@home.net' Or deliver to /dev/null or something. This would be only for his account/domain, not server-wide. The configuration above uses MySQL for forwarding and authentication. I'm not sure if that is a plus or minus for what I'm trying to do. Any ideas would be appreciated; even if your a newb like me and have no idea what you're doing... :p |
You can do something similar to this. You would put your son's email address in the protected_destinations file of the example, and the whitelisted addresses in insiders. Mail to your son's address would be rejected unless the sender is in the whitelist.
|
Forward
That looks pretty good. What would I do if I wanted to forward to another email instead of reject?
Add another option? insiders_only = check_sender_access hash:/etc/postfix/insiders, forward_handler, reject I know little about postfix, just guessing here. |
You'd have to do something like this, which is incorrect, so read the entire post:
Code:
#/etc/postfix/insiders correct me if I'm wrong). But, you can do it using a pcre table, for example. Code:
#/etc/postfix/insiders |
Very awesome. Going to try this out now and let you know.
|
On the cusp of perfection here. It rejects emails instead of redirecting them. Not sure why. here is the file:
Code:
#/etc/postfix/insiders Here is a bit of the log. Code:
Jun 23 18:38:20 mail postfix/postfix-script[23222]: refreshing the Postfix mail system |
Ok, if you remove the "reject" from this:
Code:
insiders_only = check_sender_access pcre:/etc/postfix/insiders, reject Code:
insiders_only = check_sender_access pcre:/etc/postfix/insiders It also looks like you can explicitly imply a REJECT action within the file and still have the message trickle down to the catch all if it does not match the rule - which is good. Thanks for your help! |
that's correct. excellent work, 3rods.
but, not for the reason you gave. we are creating a catchall for the sender, not for the recipients, and only when message are sent to a certain address. for example, if you sent a message to nonexistent@home.net (assuming home.net is local to the mail server), then mail would be rejected. the reason is mentioned in the discussion here. it means that a REDIRECT action does not stop the key lookup in the access list, which in our case, continues with the reject rule. |
All times are GMT -5. The time now is 11:36 AM. |