Hi,
I have configured a postfix mail server with mysql virtual domains/users.
I had a (test) domain say foo.test.com and a user for that domain (
no...@foo.test.com )
The mail server is having IP address 222.333.444.55
Following are some important parameter values in my main.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
ddd $daemon_directory/$process_name $process_id & sleep 5
debugger_command =
debug_peer_level = 2
header_checks = regexp:/etc/postfix/header_checks
html_directory = no
maildrop_destination_recipient_limit = 1
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_pw_server_security_options = plain,login,cram-md5
*smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination*
smtpd_sasl2_auth_enable = yes
smtpd_sasl_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.cert
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_pw_server = yes
smtpd_use_tls = yes
smtp_helo_required = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_valias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_vdomain_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_vmailbox_maps.cf
virtual_minimum_uid = 5000
virtual_transport = maildrop
virtual_uid_maps = static:5000
Now I am telnetting to this mail server from a diff network (
111.222.333.44)
When I send mail from: no...@foo.test.com to rcpt to: some...@gmail.com it
gives me
554 5.7.1 <some...@gmail.com>: Relay access denied
which is fine due to smtp_recipent_restrictions.
But now if
I send mail from: no...@foo.test.com to rcpt to: no...@foo.test.com
Mail gets delivered .. how can I restrict this
since anybody can send such mails by telnetting to this server.
Same this I am having another domain on the same server say 'boo.test.com'
having user nob...@boo.test.com
still mail from: no...@foo.test.com to rcpt to: nob...@boo.test.com
delivers mails.
How can I restrict such cases.
Thanks & Regards
Swati Meghanand.
