From 2caad1713e1dd64a7f4db9a27984b4762a0694b5 Mon Sep 17 00:00:00 2001 From: Johannes Löthberg Date: Mon, 7 Mar 2016 07:48:17 +0100 Subject: smtpd.conf: Do a masquerade on senders table MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Only lets people send using their proper addresses. Signed-off-by: Johannes Löthberg --- common/senders | 4 ++++ lucifer.kyriasis.com/smtpd.conf | 9 +++++---- theos.kyriasis.com/smtpd.conf | 13 +++++++------ 3 files changed, 16 insertions(+), 10 deletions(-) create mode 100644 common/senders diff --git a/common/senders b/common/senders new file mode 100644 index 0000000..79fe0ac --- /dev/null +++ b/common/senders @@ -0,0 +1,4 @@ +sysbunny: @lucifer.kyriasis.com,sysbunny@kyriasis.com,erik@kyriasis.com +grawity: grawity@theos.kyriasis.com,grawity@kyriasis.com +halosghost: halosghost@theos.kyriasis.com,halosghost@kyriasis.com +kyrias: @theos.kyriasis.com,@kyriasis.com diff --git a/lucifer.kyriasis.com/smtpd.conf b/lucifer.kyriasis.com/smtpd.conf index 0f0efc7..2db7f99 100644 --- a/lucifer.kyriasis.com/smtpd.conf +++ b/lucifer.kyriasis.com/smtpd.conf @@ -12,19 +12,20 @@ pki lucifer.kyriasis.com key "/etc/smtpd/certs/lucifer.kyriasis.com.key" # If you edit the file, you have to run "smtpctl update table users" table users file:/etc/smtpd/users +table sendertable file:/etc/smtpd/senders ## # Listen directives # -listen on eth0 port 25 tls pki lucifer.kyriasis.com auth-optional -listen on eth0 port 587 tls-require pki lucifer.kyriasis.com auth -listen on eth0 port 465 smtps pki lucifer.kyriasis.com auth +listen on enp0s4 port 25 tls pki lucifer.kyriasis.com auth-optional senders masquerade +listen on enp0s4 port 587 tls-require pki lucifer.kyriasis.com auth senders masquerade +listen on enp0s4 port 465 smtps pki lucifer.kyriasis.com auth senders masquerade listen on lo port 10029 tag DKIM-OUT -listen on localhost +listen on localhost senders masquerade ## diff --git a/theos.kyriasis.com/smtpd.conf b/theos.kyriasis.com/smtpd.conf index 03f1de5..7ef11dc 100644 --- a/theos.kyriasis.com/smtpd.conf +++ b/theos.kyriasis.com/smtpd.conf @@ -12,23 +12,24 @@ pki theos.kyriasis.com key "/etc/ssl/kyriasis-wosign/private.key" # If you edit the file, you have to run "smtpctl update table users" table users file:/etc/smtpd/users +table sendertable file:/etc/smtpd/senders ## # Listen directives # -listen on eth0 port 25 tls pki theos.kyriasis.com auth-optional -listen on eth0 port 587 tls-require pki theos.kyriasis.com auth -listen on eth0 port 465 smtps pki theos.kyriasis.com auth +listen on ens4 port 25 tls pki theos.kyriasis.com auth-optional senders masquerade +listen on ens4 port 587 tls-require pki theos.kyriasis.com auth senders masquerade +listen on ens4 port 465 smtps pki theos.kyriasis.com auth senders masquerade -listen on tun0 port 25 tls pki theos.kyriasis.com auth-optional -listen on tun0 port 587 tls-require pki theos.kyriasis.com auth +listen on cjdns port 25 tls pki theos.kyriasis.com auth-optional senders masquerade +listen on cjdns port 587 tls-require pki theos.kyriasis.com auth senders masquerade listen on lo port 10026 tag DKIM-IN listen on lo port 10029 tag DKIM-OUT -listen on localhost +listen on localhost senders masquerade ## -- cgit v1.2.3-70-g09d2