邮件应用中可能回又如下的应用需求:
某销售A只能收到来自163.com及sina.com的邮件 某技术员B只能给内部用户发邮件,不允许向外网发邮件,但可以收到外网邮件 某主管可以收发内、外网邮件 ......
Hello!
I have the same problem:
1. I need to permit some internal users (not all) to send mail to any
external user (Internet)
2. I need to permite any external user to send mail to some my internal
users (not all)
In fact, the problem is: just "some" of my internal users have permission to
receive mail from and send mail to the Internet.
How can I solve this?
View this article only
新闻群组:mailing.postfix.users
日期:2002-12-04 15:18:04 PST
In the example below, the same list of restricted_users is used for
controlling both who can send and who can receive internet mail. If you
don't require the local_plus feature, just leave that part out.
local_only =
reject_unauth_destination
permit_mynetworks
reject
local_plus =
check_recipient_access hash:/etc/postfix/local_plus
check_sender_access hash:/etc/postfix/local_plus
reject_unauth_destination
permit_mynetworks
reject
and in /etc/postfix/restricted_users
# /etc/postfix/restricted_users
# this file contains a list of users only allowed to send and receive local
mail
# postmap this file after changes
# local users not listed here have no restrictions
user1@miodemi.com local_only
user2@miodemi.com local_plus
and in /etc/postfix/local_plus:
# /etc/postfix/local_plus
# this file contains allowed destinations and senders
# for users restricted to local_plus
# postmap this file after changes
miproveedor.com OK
Remember to "postmap local_plus" and "postmap restricted_users" after
making changes to them.
Remember to run "postfix reload" after changing main.cf
有几个方法:
1) smtpd_restriction_classes = local_only
设置一个限制类别叫local_only,然后参考access(5)的格式做一个访问控制:
local_only = check_recipient_access hash:/etc/postfix/maps/my_rcpt
文件my_rcpt内容:
163.com RELAY 21cn.com RELAY hzqbbc.com RELAY
然后,设置:
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/maps/mysender
mysender内容:
hzqbbc@local.hzqbbc.com local_only
这样凡是Mail from:
按这个方法,还可以设置更多的类别,例如remote_only以及不限制的帐号等。但这些都只对from:限制。而且不管是否SASL后的。所以有一定缺陷。不过,已经达到目的了。
2)使用snapshot版的policy策略
根据某个hash表或配置文件,判断对应的sender和recipient是否匹配,匹配就返回OK或者DUNNO或者RELAY等(可能RELAY已经过时,这个是postfix 1.1.x的)如果不匹配就返回错误代码
按postfix所带的smtpd-policy.pl模式,修改一下就可以使用了。详细参考POLICY_README等。
我自己的例子:
1)定义类send2hrall:
smtpd_restriction_classes = send2hrall
send2hrall =
check_sender_access mysql:/usr/local/etc/postfix/mysql-send2hrall.cf,reject
配置文件 send2hrall.cf内容如下:
hosts = localhost
user = mailuser
password = mailpasswd
dbname = maildatabase
query = select access from mysql-send2hrall where source = '%s'
| 自由广告区 |
| 分类导航 |
| 邮件新闻资讯: IT业界 | 邮件服务器 | 邮件趣闻 | 移动电邮 电子邮箱 | 反垃圾邮件|邮件客户端|网络安全 行业数据 | 邮件人物 | 网站公告 | 行业法规 网络技术: 邮件原理 | 网络协议 | 网络管理 | 传输介质 线路接入 | 路由接口 | 邮件存储 | 华为3Com CISCO技术 | 网络与服务器硬件 操作系统: Windows 9X | Linux&Uinx | Windows NT Windows Vista | FreeBSD | 其它操作系统 邮件服务器: 程序与开发 | Exchange | Qmail | Postfix Sendmail | MDaemon | Domino | Foxmail KerioMail | JavaMail | Winwebmail |James Merak&VisNetic | CMailServer | WinMail 金笛邮件系统 | 其它 | 反垃圾邮件: 综述| 客户端反垃圾邮件|服务器端反垃圾邮件 邮件客户端软件: Outlook | Foxmail | DreamMail| KooMail The bat | 雷鸟 | Eudora |Becky! |Pegasus IncrediMail |其它 电子邮箱: 个人邮箱 | 企业邮箱 |Gmail 移动电子邮件:服务器 | 客户端 | 技术前沿 邮件网络安全: 软件漏洞 | 安全知识 | 病毒公告 |防火墙 攻防技术 | 病毒查杀| ISA | 数字签名 邮件营销: Email营销 | 网络营销 | 营销技巧 |营销案例 邮件人才:招聘 | 职场 | 培训 | 指南 | 职场 解决方案: 邮件系统|反垃圾邮件 |安全 |移动电邮 |招标 产品评测: 邮件系统 |反垃圾邮件 |邮箱 |安全 |客户端 |