1 Topic by kyominky

  • kyominky
  • Member
  • Offline
  • Registered: 2016-08-18
  • Posts: 5

Topic: Only allow same domain received on my alias

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.8.3
- Linux/BSD distribution name and version: CentOS release 6.6 (Final)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? iRedAdmin
- Related log if you're reporting an issue: N/A
====

Haloo Iredmail Support,

I have problem, I have domain @example.com (act as my Iredmail server), and I want some of my specific email account and alias can receive only from @example.com, not from anywhere else.

The reason is i already created alias email (list@example.com) and alias (aliaslist@example.com) (using forwardingmail attribute) that function as mailing list.
But recently we receive email from  ex-employee that know the address sent from they private mail address (google,yahoo, etc) and we dont want that happen again.

Please help me.. sad

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by RikuS

  • RikuS
  • Member
  • Offline
  • Registered: 2016-06-10
  • Posts: 116

Re: Only allow same domain received on my alias

Try using white and blacklists: http://www.iredmail.org/docs/amavisd.wblist.html

3 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: Only allow same domain received on my alias

kyominky wrote:

- iRedMail version (check /etc/iredmail-release): 0.8.3

You're running a very old iRedMail release. Could you please show me output of commands below?

ls -l /opt/
ls -l /opt/iredapd/plugins/

let me check whether your old iRedAPD can do this job.

4 Reply by kyominky

  • kyominky
  • Member
  • Offline
  • Registered: 2016-08-18
  • Posts: 5

Re: Only allow same domain received on my alias

RikuS wrote:

Try using white and blacklists: http://www.iredmail.org/docs/amavisd.wblist.html

Thanks Rikus,
I cannot find any path in my server for that tutorial.

5 Reply by kyominky

  • kyominky
  • Member
  • Offline
  • Registered: 2016-08-18
  • Posts: 5

Re: Only allow same domain received on my alias

ZhangHuangbin wrote:
kyominky wrote:

- iRedMail version (check /etc/iredmail-release): 0.8.3

You're running a very old iRedMail release. Could you please show me output of commands below?

ls -l /opt/
ls -l /opt/iredapd/plugins/

let me check whether your old iRedAPD can do this job.

Thanks Zhang, I really need your help.

There you go:

[root@mail home]# ls -l /opt/
total 147372
-rw-r--r--  1 root    root      1837593 Jan 14  2015 14jan.sql
-rw-r--r--  1 root    root            0 May  1  2014 aku.txt
drwxr-xr-x  4 root    root         4096 May 22  2013 backup
drwxr-xr-x  3 root    root         4096 Dec 24  2014 chrissieve
-rw-r--r--  1 root    root      1090427 Jul 25  2014 dbks24jul.sql
-rw-r--r--  1 root    root          188 Jun  9  2014 dia.txt
lrwxrwxrwx. 1 root    root           18 Jan 14  2013 iredapd -> /opt/iRedAPD-1.3.8
drwxr-xr-x. 5 iredapd iredapd      4096 May 27 16:46 iRedAPD-1.3.8
-rw-r--r--  1 root    root            0 Dec 20  2014 jalan.txt
-rw-r--r--  1 root    root       454385 Jun 27  2014 keren.txt
-rw-r--r--  1 root    root      2826013 May 12  2014 kk.txt
-rw-r--r--  1 root    root    139438080 Jul 25  2014 ks24jul.tar.gz
drwxr-xr-x  3 root    root         4096 May 13  2014 ksbkp
drwxr-xr-x  3 root    root         4096 May  1  2014 ksfull
-rw-r--r--  1 root    root         1745 Nov  7  2008 linux_signing_key.pub
-rw-r--r--  1 root    root      5210650 Mar 21  2014 mod-pagespeed-stable_current_x86_64.rpm
-rw-r--r--  1 root    root          408 Jun 12  2013 modul.txt
-rw-r--r--  1 root    root         1397 Jun 14  2014 oke.txt
-rw-r--r--  1 root    root         3339 May 13  2014 suit.txt
[root@mail home]# ls -l /opt/iredapd/plugins/
ls: cannot access /opt/iredapd/plugins/: No such file or directory
[root@mail home]#

6 Reply by kyominky

  • kyominky
  • Member
  • Offline
  • Registered: 2016-08-18
  • Posts: 5

Re: Only allow same domain received on my alias

may this also helps:

[root@mail opt]# ls -al iredapd/
total 32
drwxr-xr-x. 5 iredapd iredapd 4096 May 27 16:46 .
drwxr-xr-x. 7 root    root    4096 Mar  4  2015 ..
-rwxr-xr-x. 1 iredapd iredapd 3292 Aug 19  2012 ChangeLog
drwxr-xr-x. 2 iredapd iredapd 4096 Jan 14  2013 etc
-rwxr-xr-x. 1 iredapd iredapd  225 Aug 19  2012 INSTALL
drwxr-xr-x. 2 iredapd iredapd 4096 Jan 14  2013 rc_scripts
-rwxr-xr-x. 1 iredapd iredapd  886 Aug 19  2012 README.md
drwxr-xr-x. 5 iredapd iredapd 4096 Jan 14  2013 src

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: Only allow same domain received on my alias

For access restriction of mailing list account, you can use iRedAPD plugin "ldap_maillist_access_policy". Just update LDAP attribute "accessPolicy" of your mailing list account to 'domain' or 'subdomain', then only senders from same domain or same domain + sub-domains can send email to this mailing list account.

Note: it doesn't support mail alias account.

kyominky wrote:

lrwxrwxrwx. 1 root    root           18 Jan 14  2013 iredapd -> /opt/iRedAPD-1.3.8

You're running iRedAPD-1.3.8, that's too old. The latest iRedAPD-1.9.1 has a new plugin called "amavisd_wblist", it does the work as @RikuS mentioned. I suggest you upgrade it to 1.9.1, then achieve your feature with per-user white/blacklists like this:

- Block all senders (@.)
- All senders from same domain (@mydomain.com)

8 Reply by kyominky

  • kyominky
  • Member
  • Offline
  • Registered: 2016-08-18
  • Posts: 5

Re: Only allow same domain received on my alias

Thanks Zhang for your feedback.
The issue is not to send out email, but receiving email. We dont mind the member of the mailing list send out any email, but we just want that the mailing list only accept/receive email from @mydomain only.
Can I achieve this? maybe from postfix layer?
Thanks Zhang, really appreciate it.

9 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,788

Re: Only allow same domain received on my alias

I was talking about receiving.

- For mailing list, if you have iRedAdmin-Pro, just go to profile page of this mailing list account, set the access policy to 'Domain' (or subdomain). if you don't have iRedAdmin-Pro, update LDAP attribute "accessPolicy" of your mailing list account to 'domain' or 'subdomain', then only senders from same domain or same domain + sub-domains can send email to this mailing list account.

- For per-user setting, please do it with per-user white/blacklisting (with iRedAPD plugin "amavisd_wblist"):

* Block all senders (@.)
* Allow all senders from same domain (@mydomain.com)

This can be done with iRedAdmin-Pro, or '/opt/iredapd/tools/wblist_admin.py' from command line (again, iRedAPD-1.9.1).

We have tutorial to help you upgrade iRedAPD:
http://www.iredmail.org/docs/upgrade.iredapd.html

if you're not familiar with it, or don't want to get your hands dirty, consider buying our support service to get it done:
http://www.iredmail.org/support.html