On 1681 0, Stuart Matthews <s...@eff.org> wrote:
> Hi everyone,
>
> I am the systems administrator for the Electronic Frontier Foundation. I
> have been having a problem with getting spam that has a from of, for
> example, t...@eff.org (which is a valid email address). I would like my
> mail server to not accept mail that says it is from @eff.org unless it is
> sent via an authenticated end user, or unless it is mail generated by the
> mail server itself. Essentially, in pseudo-code, what I want is:
>
> if ((from == *...@eff.org) and ((sending mail server != mail1.eff.org) or
> (sent using SMTP auth))) then REJECT
>
> I have already tried editing /usr/local/etc/postfix/access, adding:
> eff.org REJECT you can't send mail as me!
> And of course I ran postmap after this. I have also tried using the setting
> that rejects mail that says HELO eff.org.
>
> Neither worked.
i use a different approach on this. for example, it will reject all
unauthenticated sender claiming to be from domain.com. the error message
would be "not logged in".
smtpd_sender_login_maps = hash:/etc/postfix/sender_login
virtual_mailbox_maps = hash:/etc/postfix/sender_login
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch,
reject_sender_login_mismatch,
permit_sasl_authenticated
...
smtpd_recipient_restrictions = ...
permit_sasl_authenticated,
...
# /etc/postfix/sender_login
us...@domain.com user1
us...@domain.com user2
ad...@domain.com admin,user1
t...@domain.com tech,admin
