On 21/02/2010 22:17, Wietse Venema wrote:
Jonathan Tripathy:
[The backup MX host accepts mail from forged local sender
addresses, but the backup MX does not support SASL].
Actually, the MAILER-DAEMON message doesn't get queued at all! It just
discards it when it can't find the user (If the from address was
notarealaddr...@mydomain.com). So I guess it all good...
Oops I'm confusing myself here. The above is true if the spoofed from
address was from my domain, but the user didn't exsist. If the user is
real, then that user gets the MAILER-DAEMON message..
a) Don't use a backup MX host. Really.
b) Don't accept mail "from your domain" on the backup MX host.
/etc/postfix/main.cf:
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/sender_access
/etc/postfix/sender_access:
example.com reject
Or the equivalent if the machine does not run Postfix.
Wietse
Hi Wistse,
Just wanted to say thank you - you've been a great help this evening!
Why not use a backup MX host?
But point b fixes my problem anyways
Thanks
