am 19.02.2007 16:45 schrieb David Woodhouse:
> On Mon, 2007-02-19 at 15:06 +0100, Peter Velan wrote:
>> all users which are allowed to send via our MTA must authenticate first.
>>
>> Could I block any non-authenticated senders (forging envelope from like
>> "*@ourdomain-#.tld") with the following construction?
>>
>> ...
>> acl_smtp_rcpt = acl_check_rcpt
>> ...
>> begin acl
>> acl_check_rcpt:
>> ...
>> accept authenticated = *
>>
>> deny !authenticated = *
>> senders = *@*.ourdomain-1.tld:*@*.ourdomain-2.tld
>> ...
>>
>> Should I be aware of any side effects?
>
> You'll be rejecting any mail which is forwarded to one of your users,
> but which also originated from one of your users.
How that? If one of my users is forwarding with his mailclient than he
must authenticate before.
Peter