On 3/18/2024 8:35 PM, Reg Inaldo via Postfix-users wrote:
Hi
I am seeing an issue with relaying and am looking for a way to
filter on a specific smtp line but can't find a way to make it work:
In the transaction (eg): mta-k postfix/smtpd[23771]: 97F808837:
client=localhost[127.0.0.1], orig_client=localhost[127.0.0.1]
I want to reject anything on the "orig_client" basis where:
*orig_client**=localhost*[127.0.0.1]
All of the standard submissions to the MTAs include the originating
server, eg: client=localhost[127.0.0.1],
orig_client=m236-67.mailgun.net[159.135.236.67]
The fact that they are all coming via 'client=localhost' makes it
difficult to just use that term.
This sounds like you're having a problem with unauthenticated
relaying, and the thing you've noticed with the bad mail is
orig_client=localhost.
Be aware that rejecting the mail after it's gone through your
content_filter will cause a bounce to the (possibly forged) sender
address. This is likely to be as much a problem as the original
unwanted mail.
The proper solution is to fix the cause of the insecurity that's
allowing something to send unauthorized mail, before it gets to postfix.
The usual cause is a compromised web server or abused web forms.
Fix the right problem.
-- Noel Jones
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
