diff --git a/data/Dockerfiles/postfix/postfix.sh b/data/Dockerfiles/postfix/postfix.sh index 422a4cfb..35cd7901 100755 --- a/data/Dockerfiles/postfix/postfix.sh +++ b/data/Dockerfiles/postfix/postfix.sh @@ -350,16 +350,6 @@ query = SELECT CONCAT('FILTER smtp_via_transport_maps:', nexthop) as transport F AND is_mx_based='1'; EOF -# Reject sasl usernames with smtp disabled -cat < /opt/postfix/conf/sql/mysql_sasl_access_maps.cf -# Autogenerated by mailcow -user = ${DBUSER} -password = ${DBPASS} -hosts = unix:/var/run/mysqld/mysqld.sock -dbname = ${DBNAME} -query = SELECT 'REJECT' FROM mailbox WHERE username = '%u' AND JSON_UNQUOTE(JSON_VALUE(attributes, '$.smtp_access')) = '0'; -EOF - cat < /opt/postfix/conf/sql/mysql_virtual_spamalias_maps.cf # Autogenerated by mailcow user = ${DBUSER} diff --git a/data/conf/postfix/main.cf b/data/conf/postfix/main.cf index bc9fd8a2..00eb8a93 100644 --- a/data/conf/postfix/main.cf +++ b/data/conf/postfix/main.cf @@ -77,7 +77,6 @@ postscreen_greet_wait = 3s postscreen_non_smtp_command_enable = no postscreen_pipelining_enable = no proxy_read_maps = proxy:mysql:/opt/postfix/conf/sql/mysql_sasl_passwd_maps_transport_maps.cf, - proxy:mysql:/opt/postfix/conf/sql/mysql_sasl_access_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_mbr_access_maps.cf, proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_in_policy.cf, $sender_dependent_default_transport_maps, @@ -116,8 +115,7 @@ smtpd_error_sleep_time = 10s smtpd_hard_error_limit = ${stress?1}${stress:5} smtpd_helo_required = yes smtpd_proxy_timeout = 600s -smtpd_recipient_restrictions = check_sasl_access proxy:mysql:/opt/postfix/conf/sql/mysql_sasl_access_maps.cf, - check_recipient_mx_access proxy:mysql:/opt/postfix/conf/sql/mysql_mbr_access_maps.cf, +smtpd_recipient_restrictions = check_recipient_mx_access proxy:mysql:/opt/postfix/conf/sql/mysql_mbr_access_maps.cf, permit_sasl_authenticated, permit_mynetworks, check_recipient_access proxy:mysql:/opt/postfix/conf/sql/mysql_tls_enforce_in_policy.cf,