On 23 Jan 2025, at 17:55, Wietse Venema via Postfix-users 
<[email protected]> wrote:
> 
> Gerben Wierda via Postfix-users:
>> I was wondering, suppose I have a user like this:
>> 
>> [email protected] is the account name
>> [email protected] is the incoming alias and the outgoing canonical
>> 
>> Could I force incoming mail to accept the alias form, but not
>> accept the account form? I.e. [email protected] as address is blocked,
>> but [email protected] is accepted and delivered to [email protected]
>> 
>> The spammers that send to my systems use the account form (and not
>> the alias/canonical) a lot, that's why I'm asking
>> 
>> I can of course create a new account form ([email protected]) and use
>> aliases/canonicals on that, but that might not take hold in the
>> long term and I would have to let users change their auth settings
>> (which now is user 'foo' and 'password')
> 
> Could this be as simple as an smtpd_recipient_restriction
> 
> /etc/postfix/main.cf
>    smtpd_recipient_restrictions =
>       ...
>       reject_unauth_destination
>       check_recipient_access pcre:/etc/postfix/reject-account.pcre
>       ...
> 
> /etc/postfix/reject-account.pcre:
>    /^[^.]+@example\.com$/     reject must use the first.last form
> 
> Or the hard-core form:
> 
> /etc/postfix/main.cf
>    smtpd_recipient_restrictions =
>        ...
>        reject_unauth_destination
>        check_recipient_access pcre:{{/^[^.]+@example\.com$$/ 
>               reject must use the first.last form}}
>        ...
> 
> If this is intended only for *some* accounts, then you need one
> to enumerate the forbidden forms.
> 
>       Wietse

That is a good one. That will work. Thanks.

Now, the only thing I would like to add — if possible — is to use this only for 
smtp traffic coming from outside on port 25 and not from inside or port 
submission, such that internal senders may use the simple [email protected] 
form but outside port 25 users may not. And then I set it to drop so they can't 
get the backscatter to my user via my backup SMTP service (which is part of the 
actual 'problem' I'm trying to solve).

Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>, Mastodon 
<https://newsie.social/@gctwnl>, Bluesky 
<https://bsky.app/profile/gerbenwierda.bsky.social>)
R&A IT Strategy <https://ea.rna.nl/> (main site)
Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
Book: Mastering ArchiMate <https://ea.rna.nl/mastering-archimate-edition-3-2/>
YouTube Channel <http://www.youtube.com/@GerbenWierda>



> _______________________________________________
> Postfix-users mailing list -- [email protected] 
> <mailto:[email protected]>
> To unsubscribe send an email to [email protected] 
> <mailto:[email protected]>
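
The following is an added example, not part of either message or of Postfix itself: a simplified Python model of a pcre lookup table (first match wins, case-insensitive by default) applied to the rule quoted above, showing that the blanket pattern also refuses role addresses such as postmaster. The sample recipients and the enumerated variant with account names `foo` and `bar` are assumptions constructed for illustration.

```python
import re

# Constructed copy of the table quoted in the thread (example.com as in the thread).
TABLE = r"""
# /etc/postfix/reject-account.pcre
/^[^.]+@example\.com$/     reject must use the first.last form
"""

# Hypothetical enumerated variant; the indented line continues the rule.
ENUMERATED = r"""
/^(foo|bar)@example\.com$/
    reject must use the first.last form
"""

# Constructed sample recipients.
SAMPLES = ["foo@example.com", "FOO@Example.COM", "first.last@example.com",
           "postmaster@example.com", "foo@sub.example.com"]

def parse_pcre_table(text):
    """Parse '/pattern/flags action' rules into [(compiled_regex, action)]."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                      # blank line or comment
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()   # continuation line
        else:
            logical.append(raw.strip())
    rules = []
    for line in logical:
        m = re.match(r"/(.*?)/([a-zA-Z]*)\s+(.*)$", line)
        if not m:
            raise ValueError(f"unsupported rule: {line!r}")
        pattern, flags, action = m.groups()
        # Matching is case-insensitive by default; the 'i' flag toggles it off.
        rules.append((re.compile(pattern, 0 if "i" in flags else re.I), action))
    return rules

def lookup(rules, recipient):
    """First match wins; None means no match (the next restriction decides)."""
    return next((a for rx, a in rules if rx.search(recipient)), None)

def verdicts(table_text, recipients):
    rules = parse_pcre_table(table_text)
    return {r: lookup(rules, r) for r in recipients}

if __name__ == "__main__":
    for name, table in (("blanket", TABLE), ("enumerated", ENUMERATED)):
        for rcpt, action in verdicts(table, SAMPLES).items():
            print(f"{name:10} {rcpt:26} -> {action or 'no match'}")
```

On a running system, `postmap -q "foo@example.com" pcre:/etc/postfix/reject-account.pcre` queries the real table and is the authoritative check.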