Greetings,
my mail server runs postfix+dovecot+mysql and has a dozen of virtual
domains.
Users need to authenicate to the SMTP to send mail.
The problem is that my postfix does not ask for authentication if the
recipient is inside any virtual domains of my server, so any user can
connect to my postfix and send emails to any of my domains without
authentication! This is bad!
This is what I have in main.cf:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_non_fqdn_hostname,
reject_non_fqdn_recipient,
reject_non_fqdn_sender,
reject_unauth_destination,
reject_unknown_recipient_domain,
reject_unknown_sender_domain,
reject_invalid_hostname,
reject_unauth_pipelining,
reject_unknown_recipient_domain,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dnsbl.njabl.org
I commented out "reject_unauth_destination" to no avail, postfix could
not receive mail from the Internet anymore, because required
authentication to remote SMTPs.
Anybody can enlighten me on the matter?
Thanks in advance!
Gabriele
