[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sendmail
Subject:    Re: Limit e-mail delivery to members of select groups?
From:       Matej Vela <mvela () irb ! hr>
Date:       2004-09-29 20:03:43
Message-ID: 104929212326.~INN-ECAa00150.comp-news () dl ! ac ! uk
[Download RAW message or body]

On 2004-09-29, Jeff Rife <wevsr@nabs.net> wrote:
> I would like to have only members of a single *nix group (call it
> "mailusers") to be able to receive mail.  In other words, I would like
> sendmail to do it's normal virtual user and alias parsing, and if it
> ends up with a local user who is *not* a member of "mailusers", then
> sendmail should treat it as an unknown user.
>
> Is there any way to do this with just sendmail configs without repeating
> the same listing of users that is in /etc/group?

There's no specific map for group lookups, but you can make do with the
text map.  The check should go in ruleset 5, which is invoked for local
addresses after alias expansion:

  LOCAL_CONFIG
  Kstorage macro
  # find group by name (column 1), and return members (column 4)
  Kgroup text -k0 -v3 -z: /etc/group

  LOCAL_RULESETS
  SLocal_localaddr
  R$* + $*		$@ OK			if still plussed, wait
  R$+			$: $(storage {User} $@ $1 $) , $(group staff $) ,
  R$* , $&{User} , $*	$@ OK			user found in group
  R$+			$#error $@ nouser $: "550 User unknown"

If you'd like to check the primary group as well, use the user map with
"-kgid".  As always, see the Operations Guide for details.


[prev in list] [next in list] [prev in thread] [next in thread]