服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Postfix“authorized_submit_users”不影响dovecot sasl
Intereting Posts
使用定制的Docker容器在Azure上的NameLookup问题 有关创build群集文件共享的说明 使用PC /廉价PC作为服务器与用于服务器的硬件有什么不利之处? IPv6路由器通告 在节点崩溃之后,Glusterd不会启动 机架安装电源:NEMA 5或IEC C14? networking故障后的DRBD状态变为主要/未知 关联不使用FQDN的SQL Server的SSL证书 没有从/etc/init.d/postfix输出启动 login到SSMS时,新的SQL Server用户无法查看数据库 如何使用Windows 10客户端为家庭networking设置Server 2012 + Active Directory? 域名正在转发到我的本地主机,不知道为什么 我的初始化脚本没有出现在服务自动完成 Monit系统pipe理系统的M / Monit接口的免费替代scheme 服务php-fpm没有获得用户权限

Postfix“authorized_submit_users”不影响dovecot sasl

我正在使用postfix和dovecot SASL进行smtpauthentication

在Postfix我使用“authorized_submit_users”来禁止特定的用户发送邮件 

authorized_submit_users = !user, static:all

但我意识到它只适用于“后缀/ sendmail”,但不适用于dovecot SASLlogin

这里是我在日志中得到的,如果我在服务器上本地使用“邮件”cli工具 

 postfix/sendmail[9649]: fatal: User zuser(8000) is not allowed to submit mail

但是当我以不允许的用户帐户login到Roundcube并尝试发送邮件时,邮件被排队并发送 

 postfix/submission/smtpd[9767]: E5D1C1C01A5: client=localhost[127.0.0.1], sasl_method=LOGIN, sasl_username=zuser

这是我的configuration 

 postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no authorized_submit_users = !zuser, static:all biff = no home_mailbox = Maildir/ inet_protocols = ipv4 local_recipient_maps = proxy:unix:passwd.byname $alias_maps mailbox_size_limit = 0 mydestination = $myhostname localhost.$mydomain localhost $mydomain myhostname = mail.xxxxxxxxx.com mynetworks = 127.0.0.0/8 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = [smtp.mailgun.org]:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt smtp_tls_loglevel = 3 smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1 smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1 smtp_tls_security_level = verify smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_tls_CAfile = /etc/letsencrypt/live/xxx/fullchain.pem smtpd_tls_cert_file = /etc/letsencrypt/live/xxx/fullchain.pem smtpd_tls_key_file = /etc/letsencrypt/live/xxx/privkey.pem smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1 smtpd_tls_security_level = may smtpd_tls_session_cache_database=btree:${data_directory}/smtpd_scache smtpd_use_tls = yes /etc/postfix/maste.cf smtp inet n - y - - smtpd submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_wrappermode=no -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_recipient_restrictions= permit_mynetworks,permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth

那么反正我可以不允许用户通过SASL发送邮件?