Israel Garcia wrote:
This is the postconf -n on my smarthost server.
server:/etc/postfix# postconf -n
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_size_limit = 1024000
mydestination =
myhostname = server.domain
mynetworks = 127.0.0.0/8 xx.xx.xx.xx #<-- my.network.subnet
myorigin = /etc/mailname
readme_directory = no
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name
transport_maps = hash:/etc/postfix/transport
With this conf, only the IPs from mynetworks relay mail throuhg the
smarthost. BUT, I repeat, users can send mail from their servers using
any sender address. How can I block this?
You can prevent relaying by unwanted systems by properly specifying
mynetworks.
You can prevent access by unauthenticated users by using SASL on your
smarthosts: http://www.postfix.org/SASL_README.html
Although it's not appropriate for general use, you could prevent users
from sending using bogus email addresses with by using Sender Address
Verification on your own servers:
http://www.postfix.org/ADDRESS_VERIFICATION_README.html
Terry
