2

We're running Postfix 2.3.3 on CentOS 5.4 for our SMTP service. Fairly standard setup with about 450 users. We're using a standard /etc/aliases file with includes to create various dynamically-generate aliases, including an "all staff" email address.

Management would like use of certain of these aliases to be limited to authorized senders and other aliases to be open to all. Is there an option to set up ACLs for individual aliases such that only certain senders are successfully delivered to those aliases?

I have no problem with it being accepted and a rejection message being sent. The folks doing the CC to the entire universe don't understand how 'Reply All' works anyway and as much as 10 years of reminders hasn't gotten through to them.

Magellan
  • 4,451
  • 3
  • 30
  • 53
  • 2
    You might want to look into mailing list software as well - "mailman" gives you a nice web interface for managing this functionality. It isn't what you were asking for, but I think it is worth looking into. I especially like it for the "all staff" list, and leave it moderated always, so it doesn't matter who you are, it requires an extra approval process before everyone get's spammed. – Neil Neely Jun 02 '11 at 16:25
  • Mailman, specifically, is the fallback position. But I'd rather not have to train up my technicians on how to manage yet another piece of software if I don't have to. Mailman is quite easy, having used it elsewhere, but less complicated is much preferred in this case. – Magellan Jun 02 '11 at 16:36

1 Answers1

1

You can use the smtpd_restriction_classes setting in main.cf to specify a map of allowed senders. Check out this page: http://www.postfix.org/RESTRICTION_CLASS_README.html

barryj
  • 978
  • 1
  • 5
  • 8
  • 1
    We finally got a chance to revisit this one at the office. Before you blindly go down the rabbit hole suggested by barryj, consider this warning from the Postfix folks: These questions come up frequently, and the examples hopefully make clear that Postfix restriction classes aren't really the right solution. They should be used for what they were designed to do, different junk mail restrictions for different clients or users. – Magellan Oct 17 '11 at 22:40