[Postfix-es] Sobre archivos de la lista

Natxo Asenjo natxete en asenjo.nl
Jue Mayo 11 14:03:56 CEST 2006 

On Thu, 11  May  2006,  07:40:35AM -0500¨, Yuri Arbelo Gonzalez said:
> 
> Amigos es que no tengo internet comprenden por eso pido de favor q me ayuden

bueno, venga ..., sin que sirva de precendente y porque sé lo mal que
está lo de conectarse a internet en Cuba. Eso sí, está en inglés y no
tengo tiempo de traducirlo:

http://www.postfix.org/RESTRICTION_CLASS_README.html

Restricting what users can send mail to off-site destinations

    How can I configure Postfix in a way that some users can send mail
to the internet and other users not. The users with no access should
receive a generic bounce message. Please don't discuss whether such
access restrictions are necessary, it was not my decision.

Postfix has support for per-user restrictions. The restrictions are
implemented by the SMTP server. Thus, users that violate the policy have
their mail rejected by the SMTP server. Like this:

554 <user en remote>: Access denied

The implementation uses two lookup tables. One table defines what users
are restricted in where they can send mail, and the other table defines
what destinations are local. It is left as an exercise for the reader to
change this into a scheme where only some users have permission to send
mail to off-site destinations, and where most users are restricted.

The example assumes DB/DBM files, but this could also be done with LDAP
or SQL.

/etc/postfix/main.cf:
    smtpd_recipient_restrictions =
        check_sender_access hash:/etc/postfix/restricted_senders
        ...other stuff...

    smtpd_restriction_classes = local_only
    local_only = 
        check_recipient_access hash:/etc/postfix/local_domains, reject

/etc/postfix/restricted_senders:
    foo en domain      local_only
    bar en domain      local_only

/etc/postfix/local_domains:
    this.domain     OK      matches this.domain and subdomains
    that.domain     OK      matches that.domain and subdomains

Specify dbm instead of hash if your system uses dbm files instead of db
files. To find out what map types Postfix supports, use the command
postconf -m.

Note: this scheme does not authenticate the user, and therefore it can
be bypassed in several ways:

    *

      By sending mail via a less restrictive mail relay host.
    *

      By sending mail as someone else who does have permission to send
mail to off-site destinations.
http://www.postfix.org/RESTRICTION_CLASS_README.html

-- 
Saludos,
J.I.Asenjo

Más información sobre la lista de distribución Postfix-es