Re: Where are the smtpd SASL settings?

From: Magnus Bäck (no email)
Date: Fri May 18 2007 - 13:35:24 EDT

  • Next message: Magnus Bäck: "Re: bounced email editing sender access the right way"

    On Friday, May 18, 2007 at 18:35 CEST,
         Jordi Cabré <> wrote:

    > Thanks for all, I appreciate very much your help!!!!!
    >
    > However I have surprised with this SMTP session-->
    >
    > $ telnet localhost 25
    > Trying 127.0.0.1...
    > Connected to localhost.localdomain.
    > Escape character is '^]'.
    > 220 mail.gm-soft.com ESMTP Postfix
    > EHLO grupmicros.com
    > 250-mail.gm-soft.com
    > 250-PIPELINING
    > 250-SIZE 10240000
    > 250-VRFY
    > 250-ETRN
    > 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
    > 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
    > 250 8BITMIME
    > MAIL FROM:
    > 250 Ok
    > RCPT TO:
    > 554 <>: Relay access denied
    > RCPT TO:
    > 250 Ok <---- Why OK? I don't SEND a AUTH command in order to
    > authenticate me in front Postfix!!

    gm-soft.com is your own domain. Your configuration does not require
    authentication for domains hosted by your Postfix (which is reasonable).

    [...]

    > smtpd_client_restrictions = permit_mynetworks, reject

    Okay, only clients from mynetworks are allowed. This means that
    noone from the outside can send email to even your own domains.

    > smtpd_data_restrictions = reject_unauth_pipelining
    > smtpd_delay_reject = no
    > smtpd_helo_required = yes
    > smtpd_helo_restrictions = reject_unknown_hostname,
    > reject_non_fqdn_hostname, reject_unknown_hostname, permit
    > smtpd_recipient_restrictions = permit_sasl_authenticated,
    > reject_unauth_destination

    The client restrictions only allow mynetworks clients and the recipient
    restrictions only allow messages to hosted domains unless the client has
    authenticated. This is probably not what you want.

    -- 
    Magnus Bäck
    

  • Next message: Magnus Bäck: "Re: bounced email editing sender access the right way"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD