On Monday 22 March 2004 07:07, Michal Novotny wrote: > Hello All! > > I have a little question. How can I setup Postfix for only one domain > e-mails (ex. name1@xxxxxxxx, name2@xxxxxxxx) can send and receive mail > only from/to one e-mail address (ex. list@xxxxxxxx) ? This means, they > cannot use this e-mail for any other e-mail addresses. And if it is > posible include it in normal Postfix setup for other domains, or if it > must have separate mail server? > > Thanks for any help with this. > > Sorry if it is little off-topic, but I hope it is about security. > > Regards > Michal Novotny > http://prolidi.cz This is not really a security issue, but you can use smtpd_restrictions to essentially accept only whitelisted addresses. I cobbled this together from something we use only for a specific restriction_class. That said, I have not tested this on anything but incoming mail, so you may have to add something here. Essentially, you place the domain name or IP into an access map (it can be a single map rather than the three shown below) such as: domain.tld OK and in main.cf Essentially, this whitelists a single domain and rejects all else smtpd_client_restrictions = smtpd_data_restrictions = smtpd_helo_restrictions = smtpd_sender_restrictions = smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unknown_sender_domain reject_non_fqdn_recipient reject_unauth_destination reject_unauth_pipelining reject_invalid_hostname reject_non_fqdn_hostname check_client_access btree:/etc/postfix/access_trusted check_sender_access btree:/etc/postfix/access_trusted check_helo_access btree:/etc/postfix/access_trusted check_client_access btree:/etc/postfix/access_trusted_user check_sender_access btree:/etc/postfix/access_trusted_user check_helo_access btree:/etc/postfix/access_trusted_user check_client_access btree:/etc/postfix/access_trusted_ip check_sender_access btree:/etc/postfix/access_trusted_ip check_helo_access btree:/etc/postfix/access_trusted_ip reject -- Robin Lynn Frank Director of Operations, Paradigm-Omega, LLC ============================================================ Someone said: Were you expecting an amusing tag line? ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message.
