On Mon, 2007-02-19 at 15:06 +0100, Peter Velan wrote:
> all users which are allowed to send via our MTA must authenticate first.
>
> Could I block any non-authenticated senders (forging envelope from like
> "*@ourdomain-#.tld") with the following construction?
>
> ...
> acl_smtp_rcpt = acl_check_rcpt
> ...
> begin acl
> acl_check_rcpt:
> ...
> accept authenticated = *
>
> deny !authenticated = *
> senders = *@*.ourdomain-1.tld:*@*.ourdomain-2.tld
> ...
>
> Should I be aware of any side effects?
You'll be rejecting any mail which is forwarded to one of your users,
but which also originated from one of your users.
--
dwmw2
