Andriy Yurchuk asked:
My Postfix configuration is the following:
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_helo_restrictions = reject_invalid_helo_hostname smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unlisted_sender, reject_unknown_sender_domain smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit smtpd_end_of_data_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_etrn_restrictions = reject smtpd_reject_unlisted_sender = yes smtpd_reject_unlisted_recipient = yes
Currently, if I telnet to my mail server from anywhere I am able send an email without authentication with any
HELO and any
MAIL FROM: to any of the email addresses configured on my mail server. I want to reject that and allow sending to my mail server’s addresses only after successful authentication.
UPD Is it possible at all? I’ve just realized that this might actually be the way a mail receiving system works in general (the sender does not need to auth on my server to send a mail to me). Or am I mixing something up?
The behavior you describe as happening is correct, if you want to receive mail from people outside your domain on the rest of the Internet. Only outgoing mail from your own users, destined for other places on the network, needs to be authenticated.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.