Для надсилання пошти з службовими повідомленями потрібно надсилати пошту без авторизації.
Налаштування надсилання пошти без авторизації вказано тут
https://docs.iredmail.org/allow.user.to.send.email.without.authentication.html
Postfix
Create a plain text file: /etc/postfix/sender_access.pcre, list all users' email addresses which are allowed to send email without smtp authentication. We use user email address user@example.com for example:
To bypass sender IP address or network, for example, 192.168.0.1 and 192.168.1.0/24, please add setting in /opt/iredapd/settings.py like below:
Налаштування надсилання пошти без авторизації вказано тут
https://docs.iredmail.org/allow.user.to.send.email.without.authentication.html
Postfix
Create a plain text file: /etc/postfix/sender_access.pcre, list all users' email addresses which are allowed to send email without smtp authentication. We use user email address user@example.com for example:
/^user@example\.com$/ OK
It's ok to use IP address instead like below:
For more allowed sender format, please check Postfix manual page: access(5).
It's ok to use IP address instead like below:
For more allowed sender format, please check Postfix manual page: access(5).
/^192\.168\.1\.1$/ OK
/^192\.168\.2\./ OK
/^172\.16\./ OK
Update Postfix config file /etc/postfix/main.cf to use this pcre file:
Update Postfix config file /etc/postfix/main.cf to use this pcre file:
smtpd_sender_restrictions =
check_sender_access pcre:/etc/postfix/sender_access.pcre,
[...OTHER RESTRICTIONS HERE...]
Restart/reload postfix to make it work:
Restart/reload postfix to make it work:
# /etc/init.d/postfix restart
iRedAPD
iRedAPD plugin reject_sender_login_mismatch will check forged sender address. If sender domain is hosted on your server, but no smtp auth, it will be considered as a forged email. In this case, iRedAPD will reject this email (with rejection message: Policy rejection not logged in), so we need to bypass the sender email address. If email is sent from an internal network device like printer, fax, we can also add its IP address directly.
To bypass sender email address user@example.com, please add setting in /opt/iredapd/settings.py like below:
iRedAPD
iRedAPD plugin reject_sender_login_mismatch will check forged sender address. If sender domain is hosted on your server, but no smtp auth, it will be considered as a forged email. In this case, iRedAPD will reject this email (with rejection message: Policy rejection not logged in), so we need to bypass the sender email address. If email is sent from an internal network device like printer, fax, we can also add its IP address directly.
To bypass sender email address user@example.com, please add setting in /opt/iredapd/settings.py like below:
ALLOWED_FORGED_SENDERS = ['user@example.com']
To bypass sender IP address or network, for example, 192.168.0.1 and 192.168.1.0/24, please add setting in /opt/iredapd/settings.py like below:
MYNETWORKS = ['192.168.0.1', '192.168.1.0/24']
Restarting iRedAPD service is required if you updated /opt/iredapd/settings.py.
Але якщо сервери в зовсім іншій мережі, то postfix блокує приймання з повідомленням
"Helo command rejected" або "Sender Address rejected".
Потрібно в /etc/postfix/main.cf додати мережу відправника в перелік
mynetworks = xxx.xxx.xxx.xxx
Restarting iRedAPD service is required if you updated /opt/iredapd/settings.py.
Але якщо сервери в зовсім іншій мережі, то postfix блокує приймання з повідомленням
"Helo command rejected" або "Sender Address rejected".
Потрібно в /etc/postfix/main.cf додати мережу відправника в перелік
mynetworks = xxx.xxx.xxx.xxx
Коментарі
Дописати коментар