From: Magnus Bäck (no email)
Date: Fri May 18 2007 - 13:35:24 EDT
On Friday, May 18, 2007 at 18:35 CEST,
Jordi Cabré <> wrote:
> Thanks for all, I appreciate very much your help!!!!!
>
> However I have surprised with this SMTP session-->
>
> $ telnet localhost 25
> Trying 127.0.0.1...
> Connected to localhost.localdomain.
> Escape character is '^]'.
> 220 mail.gm-soft.com ESMTP Postfix
> EHLO grupmicros.com
> 250-mail.gm-soft.com
> 250-PIPELINING
> 250-SIZE 10240000
> 250-VRFY
> 250-ETRN
> 250-AUTH LOGIN PLAIN DIGEST-MD5 CRAM-MD5
> 250-AUTH=LOGIN PLAIN DIGEST-MD5 CRAM-MD5
> 250 8BITMIME
> MAIL FROM:
> 250 Ok
> RCPT TO:
> 554 <>: Relay access denied
> RCPT TO:
> 250 Ok <---- Why OK? I don't SEND a AUTH command in order to
> authenticate me in front Postfix!!
gm-soft.com is your own domain. Your configuration does not require
authentication for domains hosted by your Postfix (which is reasonable).
[...]
> smtpd_client_restrictions = permit_mynetworks, reject
Okay, only clients from mynetworks are allowed. This means that
noone from the outside can send email to even your own domains.
> smtpd_data_restrictions = reject_unauth_pipelining
> smtpd_delay_reject = no
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_unknown_hostname,
> reject_non_fqdn_hostname, reject_unknown_hostname, permit
> smtpd_recipient_restrictions = permit_sasl_authenticated,
> reject_unauth_destination
The client restrictions only allow mynetworks clients and the recipient
restrictions only allow messages to hosted domains unless the client has
authenticated. This is probably not what you want.
-- Magnus Bäck
|
|
|