We're trying to use PostFix to check whether the sender email-address is permitted to send to a specific email-address.
Another way to describe it would be that I want specific e-mailaddresses to only allow incoming messages (not SMTP logins) from specific e-mailaddresses.
Will something like this work? main.cf:
smtpd_recipient_restrictions =
[other restrictions here]
check_sender_access
mysql:/etc/postfix/restricted_senders_to_recipents.cf
restricted_senders_to_recipents.cf:
user = uname
password = pword
hosts = 127.0.0.1
dbname = dbname
#!!!PSEUDOCODE!!!
query = SELECT allowed FROM members WHERE sender = %sender AND recipent = %recipent;
Is this possible? If then how?
I know that aliases with MySQL works this way since we're already using it. (http://www.postfix.org/mysql_table.5.html)
The short answer is PROBABLY NO.
Postfix supports per sender/recipient/client restriction with Postfix Per-Client/User/etc. Access Control with
smtpd_restriction_classes
. With your requirement, you must dynamically setsmtpd_restriction_classes
parameter, but it doesn't work with postfix.As workaround, you could use Milter (See the documentation) or something like Postfwd or PolicyD
Seems you can accomplish this in a two part process.
First, create a smtpd_sender_restriction that is a mysql lookup for addresses who bleong to the class of users who need the acl:
Next, because that mysql lookup will return a class of users, you can assign that class of users to do anohter lookup to decide if the mail can be sent:
whitelist = check_sender_access proxy:mysql:/etc/postfix/whitelist.cf, reject
This two part lookup should do what you need.
Reference