Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 28th July 2006, 15:34
Tortanick Tortanick is offline
Member
 
Join Date: Mar 2006
Posts: 48
Thanks: 0
Thanked 0 Times in 0 Posts
Default creating smtpd_sender_login_maps with mysql

after following http://www.howtoforge.com/virtual_po..._quota_courier I have a working mailserver, however I'd like to make sure that users can only send mail from one of thier aliases. I don't perticually care if they can or can't send form the E-mail address in the users table.

I tried this setup, but it hasn't worked: After I authenticate I get an error: <Alias@example.com>: Sender address rejected: not owned by user USER@example.com, this error appears in thunderbird and my mail.log

The alias@example.com is forwarded to USER@example.com in the forwardings table, I tested with telnet.

What I did:

in main.cf change

Code:
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
to
Code:
smtpd_recipient_restrictions = permit_mynetworks, reject_authenticated_sender_login_mismatch, permit_sasl_authenticated, reject_unauth_destination
add the line
Code:
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_login_maps.cf
and smtpd_sender_login_maps.cf contains
Code:
user = mail_read
password = mail_read_password
dbname = mail
table = forwardings
select_field = source
where_field = destination
hosts = 127.0.0.1
additional_conditions = and readonly = 0
(I created readonly myself, its a enum with 0 & 1 as options, users shouldn't be able to send from aliases that have 1

Postfix version 2.1.5

Last edited by Tortanick; 28th July 2006 at 21:19.
Reply With Quote
Sponsored Links
  #2  
Old 29th July 2006, 09:26
Tortanick Tortanick is offline
Member
 
Join Date: Mar 2006
Posts: 48
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I got it working!

Code:
user = mail_read
password = mail_read_password
dbname = mail
table = forwardings
select_field = destination
where_field = source
hosts = 127.0.0.1
additional_conditions = and readonly = '0'
since this is more a guidet then a question:

I licence this guide under Creative Commons, permission is given to everybody (epsecilly falko) to modify, use, and redistribute alone or part of a bigger guide.

If I misunderstood the terms of Creative Commons anything following the word permission takes precidence
Reply With Quote
  #3  
Old 29th July 2006, 12:42
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

I'm not quite sure if you can license code snippets like this one... Because then someone else could come and say "I license all Apache directives, and everyone who uses them has to pay". I'm no lawyer though, but my common sense tells me so. But you know about the relation between law and common sense...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 29th July 2006, 13:20
Tortanick Tortanick is offline
Member
 
Join Date: Mar 2006
Posts: 48
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I don't know much about law either, but my instinct said I'd ended up with a mini guide rather than a code snippet (btw I was talking about both posts), your guides were under creative commons, and I wanted to give you permission to add the contents of those two posts to your guide so creative commons seemed like logical thing.

Although now you mention it I should have known better than to apply logic to law.

Last edited by Tortanick; 29th July 2006 at 22:35.
Reply With Quote
  #5  
Old 30th July 2006, 13:47
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by Tortanick
your guides were under creative commons
It applies to the writing, i.e., my wording, screenshots, etc., and not so much to the code or the commands.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #6  
Old 8th September 2009, 20:33
tekknokrat tekknokrat is offline
Junior Member
 
Join Date: Sep 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

Sorry to exhume this one...
I understand rules described here as a security mechanism for senders.
But question is - can the map table also be used to prevent spoofing of sender addresses of incoming mails?
So that it blocks remote mails containing sender addresses of accounts managed on that server.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
sending e-mail using mail() function linuxuser1 HOWTO-Related Questions 38 21st April 2009 12:20
Problem with the apache (I can't start ist) M.Behrens Installation/Configuration 11 31st March 2006 10:48
Mandriva 10.2 Perfect Setup Install Problems... ctroyp Installation/Configuration 12 30th December 2005 16:04
Problem installing ISPConfig, then with MySQL... ctroyp Installation/Configuration 7 26th September 2005 16:37
MySQL issue during install of ISPConfig ricbax Installation/Configuration 4 16th September 2005 09:41


All times are GMT +2. The time now is 23:37.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.