1

Topic: smtpd_sender_restrictions (0.7.0)

i was able to send mails from an unknown host without authentication if the sender and the recipient address was known by my mail server.
i don't know if it is a bug or feature smile but i fixed this by adding "reject" option to the end of smtpd_sender_restrictions line in postfix configuration file.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: smtpd_sender_restrictions (0.7.0)

Sorry, What do you mean "the sender and the recipient address was known by my mail server"?

3 (edited by udi111 2011-09-08 19:11:06)

Re: smtpd_sender_restrictions (0.7.0)

i'm sorry i wasn't clear, i was too tired yesterday smile

so i went here:
https://www.wormly.com/test_smtp_server
and tested my mail server with these:
sender email: user1@mydomain1.tld
recipient email: user2@mydomain2.tld
and the email sending succeed!
the "user1" part of the sender can be anything, the recipient must be a valid user.

i don't know which option in the config file permits this.
as i read in the postfix manual it is always a good idea to close smtpd_sender_restrictions with "reject", so now it looks like this:

smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject

now it rejects the above emails.

EDIT:
the above leads to rejecting all incoming messages, i think i misread/misunderstand something, so FORGET THIS WHOLE TOPIC, i am sorry smile

4

Re: smtpd_sender_restrictions (0.7.0)

i just want to say i'm sorry, i post something BEFORE i know how things SHOULD work smile

5

Re: smtpd_sender_restrictions (0.7.0)

Never mind, open discussion is always welcome.

In iRedMail, we have Postfix setting "smtpd_sender_login_maps =", it will verify sender address against LDAP/MySQL. This verification will make iRedMail server not an open relay. so the situation you described won't happen at all.