Enforce a match between from address and sasl username for 2 users using the same exception address

[mpeltier]

Hi,
I am trying to enforce a match between from address and sas username with an exception file as described at:
https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
It works, however 2 users would like to use the same alternate mail address.

The exception file /opt/zimbra/conf/slm-exceptions-db
test@alternate.domain.org user1@domain.org
test@alternate.domain.org user2@domain.org
cannot be compiled by postmap because of duplicate entry.

I have tried to list several exception files in zimbraMtaSmtpdSenderLoginMaps, eg:
zimbraMtaSmtpdSenderLoginMaps: lmdb:/opt/zimbra/conf/slm-exceptions-db1, lmdb:/opt/zimbra/conf/slm-exceptions-db2, proxy:ldap:/opt/zimbra/conf/ldap-slm.cf
with:
/opt/zimbra/conf/slm-exceptions-db1
test@alternate.domain.org user1@domain.org
/opt/zimbra/conf/slm-exceptions-db2
test@alternate.domain.org user2@domain.org
but it does not work: mail from test@alternate.domain.org by user1 is rejected (sender address rejected: not owned by user user1@domain.org).

Is there a way to support this?
Thanks,
Mathieu

[lzmwtt]

Hi,

You may try as below:-

1. edit the exception file /opt/zimbra/conf/slm-exceptions-db as the following format:-
test@alternate.domain.org user1@domain.org, user2@domain.org (Note: use "," comma among userlists)

2. postmap /opt/zimbra/conf/slm-exceptions-db

3. zmprov mcf zimbraMtaSmtpdSenderLoginMaps 'lmdb:/opt/zimbra/conf/slm-exceptions-db, proxy:ldap:/opt/zimbra/conf/ldap-slm.cf' +zimbraMtaSmtpdSenderRestrictions reject_authenticated_sender_login_mismatch

4. edit the file /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf, search the line "permit_mynetworks", change the line to:-
permit_mynetworks, reject_sender_login_mismatch

5. zmcontrol restart

[mpeltier]

Thanks I will test it and will let you know if it works for me.
Mathieu

[mpeltier]

Hi,
I confirm that the solution works for me.
Thanks again.
Mathieu