在 Postfix 中,如何禁止本地用户发送电子邮件,比如[电子邮件保护],去哪?
我写了一个sender_access
包含以下几行的文件
# cat sender_access
joe REJECT
[email protected] REJECT
并将其加载为哈希postmap hash:sender_access
,然后我在行中main.cf
添加
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
最后我重启了 postfix。但是用户仍然在向活动队列写入数据。也许配置文件中存在其他选项干扰。
这是我的postconf -n
:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mydestination = mail.example.com, localhost.neencloud.it, , localhost, mail.example.com
myhostname = mail.example.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
sender_bcc_maps = hash:/etc/postfix/bcc
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual
这是其中的一部分mail.log
:
Aug 12 15:59:09 ne538 postfix/qmgr[31440]: 4601E7AD8EE7: from=<[email protected]>, size=115624, nrcpt=1 (queue active)
Aug 12 15:59:09 ne538 postfix/pickup[16329]: 70E627AD8EE8: uid=1051 from=<joe>
Aug 12 15:59:09 ne538 postfix/cleanup[16320]: 70E627AD8EE8: message-id=<[email protected]>
Aug 12 15:59:09 ne538 postfix/error[16339]: 4601E7AD8EE7: to=<[email protected]>, relay=none, delay=0.45, delays=0.32/0/0/0.13, dsn=4.7.0, status=deferred (delivery temporarily suspended: host mta5.am0.yahoodns.net[63.250.192.45] refused to talk to me: 421 4.7.0 [TS01] Messages from 85.159.145.207 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
Aug 12 15:59:09 ne538 postfix/qmgr[31440]: 70E627AD8EE8: from=<[email protected]>, size=115630, nrcpt=1 (queue active)
Aug 12 15:59:09 ne538 postfix/pickup[16329]: 91B8A7AD8EE9: uid=1051 from=<joe>
Aug 12 15:59:09 ne538 postfix/cleanup[16210]: 91B8A7AD8EE9: message-id=<[email protected]>
Aug 12 15:59:09 ne538 postfix/smtp[7647]: 73BCC7AD8EE0: host mta6.am0.yahoodns.net[98.138.112.35] refused to talk to me: 421 4.7.0 [TS01] Messages from 85.159.145.207 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html
Aug 12 15:59:09 ne538 postfix/error[16335]: 70E627AD8EE8: to=<[email protected]>, relay=none, delay=0.52, delays=0.3/0/0/0.22, dsn=4.7.0, status=deferred (delivery temporarily suspended: host mta5.am0.yahoodns.net[63.250.192.45] refused to talk to me: 421 4.7.0 [TS01] Messages from 85.159.145.207 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
Aug 12 15:59:09 ne538 postfix/qmgr[31440]: 91B8A7AD8EE9: from=<[email protected]>, size=115625, nrcpt=1 (queue active)
Aug 12 15:59:09 ne538 postfix/pickup[16329]: C6C807AD8EEA: uid=1051 from=<joe>
Aug 12 15:59:09 ne538 postfix/cleanup[16320]: C6C807AD8EEA: message-id=<[email protected]>
Aug 12 15:59:09 ne538 postfix/smtp[7647]: 73BCC7AD8EE0: host mta5.am0.yahoodns.net[66.196.118.37] refused to talk to me: 421 4.7.0 [TS01] Messages from 85.159.145.207 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html
答案1
如果您希望允许某些用户访问本地邮件提交,则需要使用的参数是授权提交用户,唯一的问题是它是一个白名单,希望您没有很多需要发送电子邮件的本地用户。如果您有 postfix 2.4+,您可以使用如下格式:authorized_submit_users = !joe, static:all
即 joe 不,其他人是。
答案2
我相信本文将为您提供所需的信息: http://www.postfix.org/RESTRICTION_CLASS_README.html