On Dec 4, 2009, at 2:34 PM, Sahil Tandon <sa...@tandon.net> wrote:
On Dec 4, 2009, at 2:26 PM, Carlos Williams <carlosw...@gmail.com>
wrote:
On Fri, Dec 4, 2009 at 2:22 PM, Matt Hayes
<domin...@slackadelic.com> wrote:
The question is, are you trying to 'relay' through the server or
sending
to a domain that the server hosts?
-Matt
I don't know how to answer this. The Postfix server is on the same
network as the clients connecting to it. The clients simply connect
to
the server on the same subnet / domain. It just seems that anyone can
log in as anybody and send mail on their behalf. This appears bad to
me...
If you don't trust users in your networks not to masquerade as one
another, prohibit users from relaying without SASL auth and employ
reject_sender_login_mismatch.
BTW: you do realize the mail from and from: header of your users/
domains can still be spoofed from elsewhere, right?
