aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--roles/mail/files/postfix/login-maps.pcre33
-rw-r--r--roles/mail/templates/postfix/main.cf.j27
2 files changed, 37 insertions, 3 deletions
diff --git a/roles/mail/files/postfix/login-maps.pcre b/roles/mail/files/postfix/login-maps.pcre
new file mode 100644
index 0000000..1f14223
--- /dev/null
+++ b/roles/mail/files/postfix/login-maps.pcre
@@ -0,0 +1,33 @@
+#
+# $config_directory/login-maps.pcre
+# Postfix: smtpd_sender_login_maps
+#
+# Lookup table with the SASL login names that own the sender
+# (MAIL FROM) addresses.
+#
+# NOTE:
+# Add "reject_sender_login_mismatch" to $smtpd_sender_restrictions .
+#
+# NOTE
+# ----
+# By default an SMTP client may specify *any* envelope sender address
+# in the "MAIL FROM" command, because the server only knows the remote
+# client's hostname and IP address, but not the user who controls the
+# remote client.
+# But the Postfix SMTP server knowns who the sender is once the SASL
+# authentication is used. This table file provides the maps betwee
+# envelope sender addresses and SASL login names, which is used by the
+# server to decide if the SASL authenticated client is allowed to use
+# a particular envelope sender address.
+#
+# References:
+# * Postfix SASL HOWTO - Envelope sender address authorization
+# http://www.postfix.org/SASL_README.html#server_sasl_authz
+#
+
+# Enforce that user can only send from their own sender address.
+# Credit: https://serverfault.com/a/710235/387898
+#
+# Envelope sender | Owner (SASL login names)
+# ---------------------------------------------------------------------
+/^(.*)$/ ${1}
diff --git a/roles/mail/templates/postfix/main.cf.j2 b/roles/mail/templates/postfix/main.cf.j2
index 1126adf..914d45b 100644
--- a/roles/mail/templates/postfix/main.cf.j2
+++ b/roles/mail/templates/postfix/main.cf.j2
@@ -503,10 +503,11 @@ smtpd_sender_restrictions =
reject_unknown_sender_domain,
reject_sender_login_mismatch
-# A lookup table maps between the envelope sender addresses and SASL
-# login names (i.e., the owners).
+# A lookup table maps between the SASL login names that own the sender
+# (MAIL FROM) addresses, i.e., the address(es) the user allowed to sent
+# mail from.
#
-smtpd_sender_login_maps = $virtual_mailbox_maps
+smtpd_sender_login_maps = pcre:$config_directory/login-maps.pcre
# Use permanet 550 errors for rejections, to stop retries.
# Tell Postfix to reject messages that match the rejection criteria