iRedMail
// Document IndexThis tutorial is available in other languages. Help translate more
简体中文 /
Attention
Check out the lightweight on-premises email archiving software developed by iRedMail team: Spider Email Archiver.
Attention
This tutorial is applicable to iRedMail-0.9.9 and earlier releases. If you're running a later release, please follow this tutorial instead.
Create a plain text file: /etc/postfix/sender_access.pcre, list all
users' email addresses which are allowed to send email without smtp
authentication. We use user email address user@example.com for example:
/^user@example\.com$/ OK
It's ok to use IP address instead like below:
For more allowed sender format, please check Postfix manual page: access(5).
/^192\.168\.1\.1$/ OK
/^192\.168\.2\./ OK
/^172\.16\./ OK
Update Postfix config file /etc/postfix/main.cf to use this pcre file:
smtpd_sender_restrictions =
check_sender_access pcre:/etc/postfix/sender_access.pcre,
[...OTHER RESTRICTIONS HERE...]
Restart/reload postfix to make it work:
# /etc/init.d/postfix restart
iRedAPD plugin reject_sender_login_mismatch will check forged sender address.
If sender domain is hosted on your server, but no smtp auth, it will be
considered as a forged email. In this case, iRedAPD will reject this email
(with rejection message: Policy rejection not logged in), so we need to
bypass the sender email address. If email is sent from an internal network
device like printer, fax, we can also add its IP address directly.
user@example.com, please add setting in
/opt/iredapd/settings.py like below:ALLOWED_FORGED_SENDERS = ['user@example.com']
192.168.0.1 and
192.168.1.0/24, please add setting in /opt/iredapd/settings.py like below:MYNETWORKS = ['192.168.0.1', '192.168.1.0/24']
Restarting iRedAPD service is required if you updated /opt/iredapd/settings.py.