diff options
| author | Slack Coder <slackcoder@server.ky> | 2024-11-07 14:59:15 -0500 |
|---|---|---|
| committer | Slack Coder <slackcoder@server.ky> | 2024-11-12 10:14:52 -0500 |
| commit | cf390eb9893630df90eaa0166b2eb8e95cdafcc6 (patch) | |
| tree | 02c03b3c6435f78afd9f88ef85e2a594efc73447 /README.md | |
| download | postfix-unix-users-cf390eb9893630df90eaa0166b2eb8e95cdafcc6.tar.xz | |
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..2a08f5b --- /dev/null +++ b/README.md @@ -0,0 +1,35 @@ +# User Group Membership for Postfix + +Limit E-Mail access for users using group membership in Postfix. + +The default Postfix setup restricts E-Mail to all system users, which includes +service users such as 'www'. + +## Installation + +```sh +go build . +sudo mv postfix-unix-users /usr/local/bin +sudo chown root:root /usr/local/bin/postfix-unix-users +``` + +## Configuration + +Tell Postfix to start the program as part of its operation, using allowed user groups listed in the file '/etc/postfix/user_groups'. + +/etc/postfix/master.cf: +``` +unix-users unix - n n - 1 spawn + user=nobody argv=/usr/local/bin/postfix-unix-users + --hostname $myhostname + --groups /etc/postfix/user_groups + email-group-1 email-group-2 +``` + +Tell Postfix to lookup local users using the program's unix socket. + +/etc/postfix/main.cf: +``` +# Replace 'unix:passwd.byname' with 'socketmap:unix:private/unix-users:membership'. +local_recipient_maps = socketmap:unix:private/unix-users:membership $alias_maps +``` |