2016-05-19 06:51:20 -05:00
<!DOCTYPE html>
2014-12-10 05:27:09 -06:00
< html >
< head >
< meta http-equiv = "Content-Type" content = "text/html; charset=utf-8" / >
2015-12-23 04:10:41 -06:00
< title > [DEPRECATED] Per-user outbound restrictions< / title >
2015-07-31 23:14:52 -05:00
< link rel = "stylesheet" type = "text/css" href = "./css/markdown.css" / >
2014-12-10 05:27:09 -06:00
< / head >
< body >
< div id = "navigation" >
2017-11-16 21:48:44 -06:00
< a href = "https://www.iredmail.org" target = "_blank" >
2016-04-19 12:48:51 -05:00
< img alt = "iRedMail web site"
src="./images/logo-iredmail.png"
style="vertical-align: middle; height: 30px;"
/>
< span > iRedMail< / span >
< / a >
2016-02-29 02:15:19 -06:00
// < a href = "./index.html" > Document Index< / a > < / div > < h1 id = "deprecated-per-user-outbound-restrictions" > [DEPRECATED] Per-user outbound restrictions< / h1 >
2017-12-29 22:02:52 -06:00
< div class = "admonition warning" >
< p class = "admonition-title" > DEPRECATED< / p >
< p > < strong > WARNING: THIS DOCUMENT IS < em > DEPRECATED< / em > , PLEASE use per-user
white/blacklists instead, < a href = "./manage.iredapd.html" > doc here< / a > .< / strong > < / p >
< / div >
2015-06-26 20:50:52 -05:00
< h2 id = "sql-backends" > SQL backends< / h2 >
2014-12-10 05:27:09 -06:00
< p > iRedAPD (a simple Postfix policy server developed by iRedMail team) provides
2015-06-26 20:50:52 -05:00
plugin < code > sql_user_restrictions< / code > for per-user inbound/outbound restrictions.< / p >
2014-12-10 05:27:09 -06:00
< p > Please make sure plugin < code > sql_user_restrictions< / code > is enabled in iRedAPD config
file < code > /opt/iredapd/settings.py< / code > like below:< / p >
2015-06-26 20:50:52 -05:00
< pre > < code class = "python" > # Part of file: /opt/iredapd/settings.py
2014-12-10 05:27:09 -06:00
plugins = [..., 'sql_user_restrictions']
< / code > < / pre >
< p > Restarting iRedAPD service is required if you modified < code > /opt/iredapd/settings.py< / code > .< / p >
2015-06-26 20:50:52 -05:00
< p > You can store allowed or disallowed recipient in 2 SQL columns in < code > vmail< / code > database:< / p >
2014-12-10 05:27:09 -06:00
< ul >
< li > < code > mailbox.rejectedrecipients< / code > : disallow user to send email to listed recipients.< / li >
< li > < code > mailbox.allowedrecipients< / code > : allow user to send email to listed recipients.< / li >
< / ul >
< p > Valid sender/recipient formats are:< / p >
< ul >
< li > < code > @.< / code > : all addresses (user, domain, sub-domain). Be careful: There's a dot after < code > @< / code > .< / li >
< li > < code > @domain.com< / code > : entire domain.< / li >
< li > < code > @.domain.com< / code > : entire domain and all its sub-domains. Be careful: There's a dot after < code > @< / code > .< / li >
< li > < code > user@domain.com< / code > : single email address< / li >
2015-01-31 04:20:42 -06:00
< li > empty value means no restriction.< / li >
2014-12-10 05:27:09 -06:00
< / ul >
2015-06-26 20:50:52 -05:00
< p > NOTE: Multiple recipients must be separated by comma (< code > ,< / code > ).< / p >
2014-12-10 05:27:09 -06:00
< p > Sample usage:< / p >
< ul >
2015-06-26 20:50:52 -05:00
< li > allow local mail user < code > user@example.com< / code > to send to domain (< code > example.com< / code > )
and < code > gmail.com< / code > , but not others.< / li >
2014-12-10 05:27:09 -06:00
< / ul >
2015-06-16 07:53:58 -05:00
< pre > < code class = "sql" > sql> USE vmail;
sql> UPDATE mailbox
SET
2015-06-26 20:50:52 -05:00
rejectedrecipients='@.',
2015-06-16 07:53:58 -05:00
allowedrecipients='@example.com,@gmail.com'
WHERE
2014-12-10 05:27:09 -06:00
username='user@example.com';
< / code > < / pre >
< h2 id = "openldap-backend-special" > OpenLDAP backend special< / h2 >
< p > OpenLDAP backend requires iRedAPD plugin < code > ldap_amavisd_block_blacklisted_senders< / code > .< / p >
< ul >
< li >
< p > If you have iRedAdmin-Pro, you can manage this restriction in user profile page.< / p >
< / li >
< li >
< p > If you don't have iRedAdmin-Pro, you can manage it with phpLDAPadmin or other
LDAP management tools. Related LDAP attributes are:< / p >
< ul >
< li > < code > mailWhitelistRecipient< / code > : same as SQL < code > mailbox.allowedrecipients< / code > < / li >
< li > < code > mailBlacklistRecipient< / code > : same as < code > mailbox.rejectedrecipients< / code > < / li >
< / ul >
< / li >
< / ul >
2015-06-26 20:50:52 -05:00
< p > Values for these LDAP attributes use the same format as mentioned above.< / p >
< p > Note: multiple recipients must be stored in multiple attributes like below:< / p >
< pre > < code > mailWhitelistRecipient: @example.com
mailWhitelistRecipient: @gmail.com
mailWhitelistRecipient: @iredmail.org
2016-05-19 06:51:20 -05:00
< / code > < / pre > < div class = "footer" >
2017-11-16 21:48:44 -06:00
< p style = "text-align: center; color: grey;" > All documents are available in < a href = "https://bitbucket.org/zhb/iredmail-docs/src" > BitBucket repository< / a > , and published under < a href = "http://creativecommons.org/licenses/by-nd/3.0/us/" target = "_blank" > Creative Commons< / a > license. You can < a href = "https://bitbucket.org/zhb/iredmail-docs/get/tip.tar.bz2" > download the latest version< / a > for offline reading. If you found something wrong, please do < a href = "https://www.iredmail.org/contact.html" > contact us< / a > to fix it.< / p >
2016-05-19 06:51:20 -05:00
< / div >
2017-11-05 02:33:58 -06:00
<!-- Global site tag (gtag.js) - Google Analytics -->
< script async src = "https://www.googletagmanager.com/gtag/js?id=UA-3293801-21" > < / script >
< script >
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
2015-02-05 07:02:53 -06:00
2017-11-05 02:33:58 -06:00
gtag('config', 'UA-3293801-21');
2014-12-10 05:27:09 -06:00
< / script >
< / body > < / html >