W dniu 2009-03-03 23:34, MacShane, Tracy pisze:
We have a very clear policy that users are only permitted to relay mail
from our networks. If they are sending from home, they use webmail.
We've had one or two instances where external organisations have used
some kind of auto-reply mechanism which purports to send from our users,
but we simply tell them to fix the sender address. We use a sender
access map to reject the spurious senders that aren't coming from
my_networks. You can use warn_if_reject to test the impact of this
measure for a few days or weeks.
main.cf
======
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_non_fqdn_sender,
check_sender_access hash:/etc/postfix/sender_access
# cat /etc/postfix/sender_access
ourdomain.com REJECT
ourdomain.gov.au REJECT
So you too advocate (if I clearly understand you) my point of view,
where those "legit mails", which Noel was talking about,
are just misconfigurations of others' servers.
I believe that we share opinion that restricting own users to sending
from my_networks and/or authenticated clients
works perfectly to stop getting spam from u...@example.com to
u...@example.com.
Pawel Lesniak
