"Chris Hodgetts" <chris at archnetnz.com> writes:
> I was wondering what the best way to restrict e-mail is. Basically I
> want to create a White list that allows mail to and from a set group
> of people.
Since you use postfix, use 'check_recipient_access' in the
smtpd_recipient_restrictions section of main.cf, which will allow you to
create your whitelist and then block everything else.
That is a global setting, though, not per-user.
> Inbound I can do with Procmail but I am not sure how to restrict
> outbound addresses, and ideally I would like to just maintain one
> white list.
>
> I only want to do this for ONE account on the server, SMTP is using
> SMTP Auth so there might be something there that I can utilise.
For that, though, you probably need a hand-written policy daemon to
identify both the sender and recipient, and act on that. The version of
Postfix you have supports that, and writing a policy daemon isn't /that/
hard.
See the simple greylist example that Postfix ships, or that is on their
website, for the Perl code.
Blocking outbound mail from that one account is a much harder job than
blocking inbound, though, as you note. Most threat models with email
assume that internal senders are at least semi-trusted.
Perhaps if you outline why you want to do this there is a better way to
achieve your goals overall?
Regards,
Daniel
--
Digital Infrastructure Solutions -- making IT simple, stable and secure
Phone: 0401 155 707 email: contact at digital-infrastructure.com.au
http://digital-infrastructure.com.au/
| More information about the AuckLUG mailing list |
If you have any questions or comments about this page, email the
Webmaster Design Copyright © 1998-2005 Linux.net.nz |