Hi, i need to force everybody including local network users that uses mail clients and webmail to authenticate on smtp to send mails from my server , i has enables sasl_auth modules and authentication is working fine but when i set the option smtp_recipient_restrictions = permit_sasl_authenticated reject my server stop to receive mail from external server like gmail and yahoo i've tried the option permit_auth_destination so if the final destination of emails is my domain the server doesn't require authentication, but here i have the security problem, if a machine on my network is infected with a virus or one spammer inside or outside my network will send spam to all users on my domain because the authentication is not required. what is the correct way to do that? i need to require authentication but the incoming can't be rejected.
here is the section of my main.cf: smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_local_domain = $myhostname broken_sasl_auth_clients = yes smtpd_recipient_restrictions = reject_non_fqdn_recipient permit_sasl_authenticated permit_unauth_destination reject strict_rfc821_envelopes = yes smtpd_require_helo = yes
