postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: Restricting SASL?

Re: Restricting SASL?

From: Matt Hayes <dominian_at_nospam>
Date: Mon Oct 04 2010 - 13:17:45 GMT
To: postfix-users@postfix.org

On 10/4/2010 8:47 AM, Nicholas Sideris wrote:
> Hello,
>
> Assuming that I had enabled SASL mechanism. Can I use a mysql: something
> list (probably a custom query probing the user table for "1" in a
> particular column) to restrict the access to SMTP relay to a very few users?
>
> eg.
>
> *smtpd_sender_login_maps = mysql:/server/etc/postfix/allowrelay.sql*
> *
> *
> *
> with allowrelay.sql something like that?
>
> hosts = unix:/var/lib/mysql/mysql.sock
>
>
> user = someuser
>
>
> password = somepassword
>
>
> dbname = mail_postfix
>
>
> query = SELECT `address` FROM `mailbox` WHERE `address` = '%s' AND
> `relay` = '1';
>
>
> Is this going to do the trick?
> *

Relaying through your SMTP server should already be, by default,
restricted to localhost and $mynetworks.

Just configure submission (port 587) in master.cf and use that for
authenticated email. Then configure postfix to allow that to relay; done.

-Matt