Skip to content

Commit 72fbdda

Browse files
jnorelljnorell
committed
postfix server plugin: reject_unlisted_senders in smtpd_sender_restrictions
1 parent 8b85339 commit 72fbdda

File tree

1 file changed

+6
-4
lines changed

1 file changed

+6
-4
lines changed

server/plugins-available/postfix_server_plugin.inc.php

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -161,9 +161,10 @@ function update($event_name, $data) {
161161
if ($mail_config['reject_sender_login_mismatch'] == 'y') {
162162
array_splice($new_options, 0, 0, array('reject_authenticated_sender_login_mismatch'));
163163

164+
// insert before permit_sasl_authenticated
164165
for ($i = 0; isset($new_options[$i]); $i++) {
165-
if ($new_options[$i] == 'permit_mynetworks') {
166-
array_splice($new_options, $i+1, 0, array('reject_sender_login_mismatch'));
166+
if ($new_options[$i] == 'permit_sasl_authenticated') {
167+
array_splice($new_options, $i, 0, array('reject_sender_login_mismatch'));
167168
break;
168169
}
169170
}
@@ -358,7 +359,8 @@ function update($event_name, $data) {
358359
exec("postconf -e 'milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}'");
359360
exec("postconf -e 'milter_default_action = accept'");
360361

361-
exec("postconf -e 'smtpd_sender_restrictions = ${raslm} permit_mynetworks, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf'");
362+
exec("postconf -e 'smtpd_sender_restrictions = ${raslm} permit_mynetworks, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, reject_unlisted_sender'");
363+
362364

363365
$new_options = array();
364366
$options = preg_split("/,\s*/", exec("postconf -h smtpd_recipient_restrictions"));
@@ -397,7 +399,7 @@ function update($event_name, $data) {
397399
exec("postconf -e 'content_filter = " . ($configure_lmtp ? "lmtp" : "amavis" ) . ":[127.0.0.1]:10024'");
398400

399401
// fixme: should read this from conf templates
400-
exec("postconf -e 'smtpd_sender_restrictions = ${raslm} check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf'");
402+
exec("postconf -e 'smtpd_sender_restrictions = ${raslm} check_sender_access regexp:/etc/postfix/tag_as_originating.re, permit_mynetworks, check_sender_access proxy:mysql:/etc/postfix/mysql-virtual_sender.cf, ${rslm} permit_sasl_authenticated, reject_non_fqdn_sender, reject_unlisted_sender, check_sender_access regexp:/etc/postfix/tag_as_foreign.re'");
401403
}
402404
}
403405

0 commit comments

Comments
 (0)