Update login map for postfix's reject_sender_login_mismatch

SYSTEM INFORMATION
OS type and version Ubuntu 22.04
Webmin version 1.999
Virtualmin version 7.1-1
Related packages postfix

This topic was closed so I couldn’t reply, but I wanted to share a simple script I modified from the one @randallflagg provided for setting a map for postfix to prevent users from sending as other mailboxes.

I know it’s just basic nested for loops, but I figured I would put it out there in the event that someone is trying to do the same thing as I was.

As far as my setup, my virtual-server administrator users have the username of “domain.tld” and I couldn’t quite get randallflagg’s working for me without further modifying the map file. This script allowed me to make the map for all aliases of the administrator users, and then also include the mailbox-only users. Hopefully this can help someone somewhere!

I added:
smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps
to /etc/postfix/main.cf
and:
permit_mynetworks reject_sender_login_mismatch permit_sasl_authenticated
to Restrictions on sender addresses in Virtualmin’s Postfix:SMTP Server Options config.

#!/bin/bash
#Get list for Postfix's reject_sender_login_mismatch

if [ "$(id -u)" = "0" ]; then
	echo -n "" > /etc/postfix/sender_login_maps
	for username in $(virtualmin list-users --all-domains --name-only --include-owner)
	do
		for usermail in $(virtualmin list-users --all-domains --include-owner --email-only --user $username)
		do
			echo "$usermail" "$username" >> /etc/postfix/sender_login_maps
		done
	done
	postmap /etc/postfix/sender_login_maps
fi

Edit: I just realized that this doesn’t include the domain.tld@domain.tld address so I will keep fiddling with it hah!

Edit 2: Fixed 'er up good. Didn’t realize that the list-users command worked a certain way :stuck_out_tongue: Doesn’t need to check for weird output from list-aliases now wooo

1 Like

You mean this one:

Interesting @rhoxthebeast , I shall put it through its paces and revert.

1 Like

Ah thank you, I didn’t think to post the link on it’s own line to have it embed, woops. New to the forum D:

I also added it to Virtualmin Configuration → Actions upon server and user creation → Command to run after making changes to an alias.

The loop definitely increases the time virtualmin takes to finalize the changes, but it should keep the map up to date. Happy to take suggestions on other ways to create/modify the map that maybe won’t take as much time/resources!