Wietse Venema:
> Jonathan Tripathy:
> > On 21/02/2010 19:34, Darren Pilgrim wrote:
> > > Jonathan Tripathy wrote:
> > >> Sorry I forgot to state that im only concerned with MY server here.
> > >> For example, I don't want someone to telnet to MY postfix server, and
> > >> give m...@mydomain.com for both sender and receiver
> > >
> > > Require authentication, set up smtpd_sender_login_maps and use the
> > > reject_sender_login_mismatch restriction.
> >
> > Yup, I'm already using all of that, however that only prevents spoofing
> > of real addresses. So for example:
>
> You forgot to set an owner rule for @domain.
That will also block mail from dae...@your.domain etc.
You can also reject non-existent senders with reject_unlisted_sender.
Wietse
