1 (edited by Marcel F. 2013-10-30 00:01:11)

Topic: restrict sending mails globaly

==== Required information ====
- iRedMail version: 0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version:  CentOS 6.4
- Related log if you're reporting an issue:
====

Hi all,

i want to setup an mail server for internal testings only.
According to this requirement the mail server should only send mails to

- local configured domains (over iredadmin)
- some additional remote domains

All other domains should be rejected.

Whats the best way to achieve this?

Thanks
Marcel

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: restrict sending mails globaly

Hi Marcel,

I wrote a wiki tutorial about this restriction moment ago, hope it helps:
http://www.iredmail.org/wiki/index.php? … strictions

3

Re: restrict sending mails globaly

Hi Zhang,

thank you.
Can i use this procedure too if i use LDAP as backend?

Cheers,
Marcel

4

Re: restrict sending mails globaly

Oh, sorry for my mistake, i didn't see you're running OpenLDAP backend, my fault.

With OpenLDAP backend, if you have iRedAdmin-Pro, you can manage this restriction in user profile page directly. Screenshot attached.

If you don't have iRedAdmin-Pro, you can manage it with phpLDAPadmin (or other LDAP tools). Related LDAP attributes are:

- mailWhitelistRecipient (same as mailbox.allowedrecipients in SQL backend)
- mailBlacklistRecipient (same as mailbox.rejectedrecipients)
- amavisWhitelistSender (same as mailbox.allowedsenders)
- amavisBlacklistSender (same as mailbox.rejectedsenders)

Values for this LDAP attributes are the same as the ones used in SQL backends ('@.', '@domain.com', ...)

Screenshot of iRedAdmin-Pro:
http://www.iredmail.org/images/iredadmin/user_profile_restrictions.png

5 (edited by Marcel F. 2013-10-31 17:01:59)

Re: restrict sending mails globaly

Yes, i have iRedAdmin-Pro but, i want do restrict this globaly for all current and future users/domains.

6

Re: restrict sending mails globaly

It seems to be working now with the following changes:

in postfix's main.cf I changed the smtpd_recipient_restrictions to:

smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/relay_recipients, check_policy_service inet:127.0.0.1:7777, check_policy_service inet:127.0.0.1:10031, reject

The file /etc/postfix/relay_recipients looks like the following:

test.example.com OK
*.test.example.com OK

Is this so ok for the remaining features of iRedMail or do you see some problems in this changes?

7

Re: restrict sending mails globaly

It's OK.