README.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

# User Group Membership for Postfix

Limit E-Mail access for users using group membership in Postfix.

The default Postfix setup restricts E-Mail to all system users, which includes
service users such as 'www'.

## Installation

```sh
go build .
sudo mv postfix-unix-users /usr/local/bin
sudo chown root:root /usr/local/bin/postfix-unix-users
```

## Configuration

Tell Postfix to start the program as part of its operation, using allowed user groups listed in the file '/etc/postfix/user_groups'.

/etc/postfix/master.cf:
```
unix-users    unix  -       n       n       -       1       spawn
  user=nobody argv=/usr/local/bin/postfix-unix-users
    --hostname $myhostname
    --groups /etc/postfix/user_groups
    email-group-1 email-group-2
```

Tell Postfix to lookup local users using the program's unix socket.

/etc/postfix/main.cf:
```
# Replace 'unix:passwd.byname' with 'socketmap:unix:private/unix-users:membership'.
local_recipient_maps = socketmap:unix:private/unix-users:membership $alias_maps
```