postfix - how to block all linux users except root???
I don't want anybody to send mail without being authenticated especially from php forms. Php mail function sends mail as user www-data..
But also logwatch sends mail as root which I really need.. There are also users authenticated by sasl.. They shouldn't be blocked, too..
So, are there any way to block all linux users to send mail except root?
Thanks in advance..
5 Replies
@Guspaz:
Consider this: any user can open a port 25 or 587 to any mail server and deliver mail there directly. IPTABLES can't really stop that while still allowing the mail server to work, although I believe selinux network ACLs do.
Thanks for your reply.. But, I don't think to change my linux distribution.. There should be a way through postfix's configurations..
You might also need to adjust your handling of mynetworks to prevent local connections to smtp being treated as special.