Hello, I initiated a similar thread, few days ago, with interesting responses. Have a look at it: http://archives.neohapsis.com/archives/postfix/2008-12/0010.html
Summaryzing, there's a chance of legitimate mail being filtered. See the former thread for examples and a nice discussion :-) PS: And thanks to all who have contributed to it! Cheers, -Roman Geert Hendrickx escribió: > On Thu, Dec 04, 2008 at 10:15:55AM -0500, Sahil Tandon wrote: >> Gabriel Hahmann <[EMAIL PROTECTED]> wrote: >> >>> I'm new to the list and have a problem with my mail system. Recently I'm >>> receiving a lot of spam emails coming from the internet but the sender is a >>> user from my domain. Then I tried the same thing directly from other system, >>> as described below: >>> >>> telnet mailsystemwithproblem 25 >>> helo testdomain >>> MAIL FROM: <[EMAIL PROTECTED]> >>> RCPT TO: <[EMAIL PROTECTED]> >>> DATA >>> test >>> . >>> >>> I've done this with success, and the machine that i've used to telnet is not >>> in the mynetworks or other parameter. >> This makes sense; MXs outside your networks should be able to send mail >> to your domains. >> >>> The problem is that all my users are receiving spam from themselfs. My >>> server is not an open relay because from outside I can't send email to other >>> domains, but if somebody connects and send to my own domain it works like I >>> said before. >> /etc/postfix/main.cf: >> smtpd_recipient_restrictions = >> ... >> reject_unauth_destination >> check_sender_access hash:/etc/postfix/copycats >> ... >> >> /etc/postfix/copycats: >> testdomain.com REJECT >> >> Be aware that your own users will not be able to send email to each >> other unless they're on mynetworks or SASL authenticated (both permits >> should precede the reject_unauth_destination directive). > > > Note that this will also block mail coming from your own users through > forwarders or mailing lists that do not rewrite the original sender. > > (eg. [EMAIL PROTECTED] -> [EMAIL PROTECTED] -> [EMAIL PROTECTED]) > > Geert > >
