Postfix/dovecot filter who can send mail on behalf of

dovecotfilterpostfixusers

I am using postfix + dovecot(imap+pop3) + mysql
I whant to explicity define users or groups that can send email on behalf of others
I was thinking doing this way:
for all local(mysql) authenticated users filter outgoing mail:
filter all mail by headers Return-Path/X-Original-To/From: field must matche authenticated user that sends it, otherwise bounce the email

Any ideas how to do this?

Best Answer

You can use smtpd_sender_login_maps and reject_authenticated_sender_login_mismatch in smtpd_sender_restrictions to restrict which MAIL FROM addresses logged in users can use. For example:

main.cf:

smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch

/etc/postfix/sender_login_maps:

alice@example.com       alice
bob@example.com         bob
charlie@example.com     charlie
marketing@example.com   alice,charlie

Don't forget to run postmap:

# postmap /etc/postfix/sender_login_maps

Related Solutions

Postfix/dovecot newbie: Can access mail on server via ssh, but not through mail client

Did you configure mail to access your mail using POP3/IMAP? If not, it will directly access your mbox.

Have a look at your maildir dovecot is using: mail_location = maildir:/home/vmail/%d/%n/Maildir and also the directory ~/mbox (default mbox directory).

Try to monitor /var/log/mail.log, without further information from there we won't be able to fix that problem.

Force dovecot to ignore pop3 requests to delete received email

Shortest answer

Short answer

Get sources of dovecot, grok code edit and remove DELE command. Compile, install and be ready to "upgrade nightmare"

Longer anser

NEVER ignore and violate RFC, according to which DELE in POP3-session must delete message in spool. Tell boss to fund technical solution, because it give in future alot less headache and problems

Solution for you task, not answer on question

Change MTA configuration and extend every mail-user on host into "dual-user" alias-system, i.e. ordinary user@yourdomain.com will transform into something like

user: user-m, user-b

there user-m & user-b are identical users (for MTA and Dovecot) with one difference: user-m have POP3-access, user-b have not.

You have to have *2 space for mail, but get manageable and full archives per user

Best Answer

Related Solutions

Postfix/dovecot newbie: Can access mail on server via ssh, but not through mail client

Force dovecot to ignore pop3 requests to delete received email

Related Topic