postfix – how to prevent users from sending with another users name

Zulakis asked:

Even though my postfix server cannot be used without authentification (open relay), sending mail in another users name after logging in is still possible like this:

auth plain eW91IGxpdHRsZSBkaXJ0eSBiYXN0YXJkIDstKQ==
235 2.7.0 Authentication successful
mail from: [email protected]
250 2.1.0 Ok
rcpt to: [email protected]
250 2.1.5 Ok
354 End data with <CR><LF>.<CR><LF>
Please send me your account info.
250 2.0.0 Ok: queued as D40692A61AA

How can this be prevented?

My answer:

In your

smtpd_sender_restrictions =

you should have (possibly among other things):


You must have smtpd_sender_login_maps defined to provide a username to email address mapping.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.