HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=4)
-   -   Postfix-users restriction (http://www.howtoforge.com/forums/showthread.php?t=3947)

mukta 27th April 2006 13:48

Postfix-users restriction
 
I have after 2 weeks of work(so I am not very clever) a Postfix server .
Thank you for your tutorials and I want to thank especialy to FALKO.
How can I have default users who cannot send external mails and how to set in main.cf users who have this rights?
Who can help me?I migrate from qmail cause I didn't succed there to make that diffrence to posfix wich I belive have more stuff built in...

I read and I tryed from :http://www.postfix.org/RESTRICTION_CLASS_README.html
to understand how to Restricting what users can send mail to off-site destinations BUT I am NOT too clever so ...

Thank you for those who will give me attention.

falko 27th April 2006 17:50

Which tutorial did you follow (URL)?

mukta 28th April 2006 08:07

tutorial
 
Actualy I finished with your tutorial http://www.howtoforge.com/virtual_po..._quota_courier and I have YOUR server.I had problems but with YOUR answers I solved every problem step by step..
So is it YOUR server(I started with other tutorials but finally...I am here)
The most importan part is to have a mail server with users limitations(smtp restrictions ).I tryed few months with qmail but I must write the authentication package there so I say better to migrate to postfix.

Thank you for your promtitude.

falko 28th April 2006 15:06

Have you tried this from http://www.postfix.org/RESTRICTION_CLASS_README.html ?

Quote:

/etc/postfix/main.cf:
smtpd_recipient_restrictions =
check_sender_access hash:/etc/postfix/restricted_senders
...other stuff...

smtpd_restriction_classes = local_only
local_only =
check_recipient_access hash:/etc/postfix/local_domains, reject

/etc/postfix/restricted_senders:
foo@domain local_only
bar@domain local_only

/etc/postfix/local_domains:
this.domain OK matches this.domain and subdomains
that.domain OK matches that.domain and subdomains

mukta 28th April 2006 15:17

tryed
 
Falko if you read my 1st post you will see that I tryed.
I don't know how to combine your main.cf with those new lines....
I don't understand much in main.cf lines...
I will try again since you will answer again..

Thank you..

falko 28th April 2006 15:36

Do this:
Code:

postconf -e 'smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders'
postconf -e 'smtpd_restriction_classes = local_only'
postconf -e 'local_only = check_recipient_access hash:/etc/postfix/local_domains, reject'

Then create the file /etc/postfix/restricted_senders which looks similar to this one:
Code:

foo@domain      local_only
bar@domain      local_only

Afterwards create /etc/postfix/local_domains which should look similar to this:
Code:

this.domain    OK
that.domain    OK

Then restart Postfix.

mukta 28th April 2006 15:48

:) ok ok..
 
I have in my original (and the server works great)main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = testing.cne-u2.ro
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = testing.cne-u2.ro, localhost.cne-u2.ro, localhost, yahoo.com
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2emai
l.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_data_restrictions = reject_unauth_pipelining
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."


After change you provide I have:


# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = testing.cne-u2.ro
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = testing.cne-u2.ro, localhost.cne-u2.ro, localhost, yahoo.com
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2emai
l.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_data_restrictions = reject_unauth_pipelining
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."



How will be now with those new line?What smtpd_recipient_restrictions will become?Cause nou in syslog I have:
Sep 17 08:28:44 testing postfix/master[2714]: warning: process /usr/lib/postfix/smtpd pid 2743 exit status 1
Sep 17 08:28:44 testing postfix/master[2714]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Sep 17 08:29:45 testing postfix/smtpd[2744]: fatal: open database /etc/postfix/restricted_senders.db: No such file or directo
ry
Sep 17 08:29:46 testing postfix/master[2714]: warning: process /usr/lib/postfix/smtpd pid 2744 exit status 1
Sep 17 08:29:46 testing postfix/master[2714]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
Sep 17 08:30:46 testing postfix/smtpd[2746]: fatal: open database /etc/postfix/restricted_senders.db: No such file or directo
ry
Sep 17 08:30:47 testing postfix/master[2714]: warning: process /usr/lib/postfix/smtpd pid 2746 exit status 1
Sep 17 08:30:47 testing postfix/master[2714]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling


And I have vi /etc/postfix/restricted_senders :

iond@cne-u2.ro local_only
bar@domain local_only


Thank you

falko 29th April 2006 15:18

Please run
Code:

postmap /etc/postfix/restricted_senders
and restart Postfix. Do this everytime you change /etc/postfix/restricted_senders.

mukta 30th April 2006 11:41

Thank You
 
Falko,I want to thank you for your help...
It's hardly to find someone who can REALY help you ...
THANK YOU!EVERYTHING IS OKKKKK!

I will come to you in the future to ask you about...since now I tryed alone everything but an anknown people help me ...you gave me more than answers in postfix you gave me more...

iondanielus@yahoo.com


All times are GMT +2. The time now is 12:05.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.