postfix - allow sending email with related alias

I have installed postfix 2.11.3 + +sasl + postfixadmin + dovecot + roundcube on debian 8. All is working fine but today every users can send email with another email address. I would like to add a restriction to allow the users to send email only with their mailbox or the alias related to their mailbox.

Examples :
1) Mailboxes
[email protected]
[email protected]

2) Alias
[email protected] goto [email protected]
[email protected] goto [email protected]

I would like that [email protected], logged with [email protected], can send email with [email protected] and [email protected] only.
user1 should not be able to use user2, alias2 or whatever.

I'm looking for a solution using a mysql_table lookup as I manage mailbox and alias with postfixadmin and mysql. Something like this :

SELECT address FROM alias WHERE address = '%s' AND goto LIKE '%<login>%'

From the man page, only there parameters are available :

          %s     This  is  replaced by the input key.  SQL quoting is used
                 to make sure that the input key does not  add  unexpected
                 metacharacters.

          %u     When the input key is an address of the form user@domain,
                 %u is replaced by  the  SQL  quoted  local  part  of  the
                 address.   Otherwise, %u is replaced by the entire search
                 string.  If the localpart is empty,  the  query  is  sup-
                 pressed and returns no results.

          %d     When the input key is an address of the form user@domain,
                 %d is replaced by the  SQL  quoted  domain  part  of  the
                 address.   Otherwise, the query is suppressed and returns
                 no results.

          %[SUD] The upper-case equivalents of the above expansions behave
                 in  the  query  parameter identically to their lower-case
                 counter-parts.  With  the  result_format  parameter  (see
                 below),  they expand the input key rather than the result
                 value.

          %[1-9] The patterns %1, %2, ... %9 are replaced  by  the  corre-
                 sponding  most  significant  component of the input key's
                 domain. If the input key is  [email protected],  then
                 %1 is com, %2 is example and %3 is mail. If the input key
                 is unqualified or does not have enough domain  components
                 to  satisfy all the specified patterns, the query is sup-
                 pressed and returns no results.

login is not available.

I know there is a solution to do the restriction on roundcube but my users can access their email directly without roundcube.

Thanks in advance for your help.

UPDATE

I tried this : main.cf

smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual-sender-maps.cf
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch permit_sasl_authenticated

mysql-virtual-sender-maps.cf

user = mailuser
password = xxxxxxxxxxxxxxxx
hosts = 127.0.0.1
dbname = postfixadmin
query = SELECT address FROM alias WHERE goto LIKE '%%%s%%'

Logged in with user1, i'm able to send email with alias2.

The content of database is the default for postfixadmin :

CREATE TABLE IF NOT EXISTS `alias` (
`address` varchar(255) NOT NULL,
`goto` text NOT NULL,
`domain` varchar(255) NOT NULL,
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`active` tinyint(1) NOT NULL DEFAULT '1'
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT='Postfix Admin - Virtual   Aliases';

CREATE TABLE IF NOT EXISTS `mailbox` (
`username` varchar(255) NOT NULL,
`password` varchar(255) NOT NULL,
`name` varchar(255) CHARACTER SET utf8 NOT NULL,
`maildir` varchar(255) NOT NULL,
`quota` bigint(20) NOT NULL DEFAULT '0',
`local_part` varchar(255) NOT NULL,
`domain` varchar(255) NOT NULL,
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`active` tinyint(1) NOT NULL DEFAULT '1'
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT='Postfix Admin - Virtual Mailboxes';

Solution 1:

smtpd_sender_restrictions should include reject_authenticated_sender_login_mismatch

You then would supply a mysql_table for smtpd_sender_login_maps.

Solution 2:

Just for reference, I had the exact same problem and solved it withing postfix. After that, my [email protected] authenticates and than can send email either from [email protected] or [email protected].

In master.cf I have a configuration to enable my SSL sasl authenticated users as follows:

smtps      inet  n       -       y       -       -       smtpd
    -o syslog_name=postfix/smtps
    -o smtpd_tls_wrappermode=yes
    -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination
    -o smtpd_sender_restrictions=reject_authenticated_sender_login_mismatch
    -o smtpd_sender_login_maps=mysql:/etc/postfix/mysql-smtpd-sender-login-maps.cf,mysql:/etc/postfix/mysql-virtual-sender-maps.cf

And my mysql map files:

mysql-virtual-sender-maps.cf:

user = mailuser
password = xxxxxxxxxxxxxxxx
hosts = 127.0.0.1
dbname = postfixadmin
query = SELECT goto FROM alias WHERE address='%s'

mysql-smtpd-sender-login-maps.cf

user = mailuser
password = xxxxxxxxxxxxxxxx
hosts = 127.0.0.1
dbname = postfixadmin
query = select username from mailbox where username='%s'

Note that I had to "translate" that table names and fields without testing. Don't just copy and paste this solution, but try to use it as as start point.

The trick is that mysql-smtpd-sender-login-maps.cf allows the user to send as his regular login and mysql-virtual-sender-maps.cf also let it send as his alias.

My alias table is set up so that I have kind of a "group". That is, I can have "[email protected],[email protected]" in goto column when address is [email protected] for example. That way, the email is delivered to more than one destination. I just used virtual_alias_maps = for that.

The solution stated above works allowing both [email protected] and user2@example to send as [email protected]

Hope it helps someone. Good luck!

Solution 3:

I finally find a partial answer to my problem. In my config.inc.php for RoundCube, I've previously removed %u from smtp_user parameter and %p from smtp_password. Consequently, the connexion to postfix was unauthenticated. That's why the restriction did not worked.

The query which should work is :

query = SELECT goto FROM alias WHERE address = '%s'

Thanks for the help.