-------- Original-Nachricht -------- > Datum: Sat, 27 Mar 2010 00:13:25 +0100 > Von: Ansgar Wiechers <li...@planetcobalt.net> > An: postfix-users@postfix.org > Betreff: Re: Spam from the same domain
> On 2010-03-26 Steve wrote: > > Von: listadecorreo <listadecor...@sbd.cadinor.com> > >> in the last month I revived a lot of spam from > >> user_non_ex...@mydomain to user_ex...@mydomain..... can I block all > >> received externals mails from my domain to my domain... > ^^^^^^^^^^^^^^^ > > Are your users sending mail over your infrastructure? Do you force > > them to use SMTP AUTH/SASL? If so then you might have a look at > > reject_sender_login_mismatch to stop forgeries from your own domain. > > The OP wants to block external, not internal senders. > I have perfectly understood what the OP wants. And my answer is still valid. I have reject_sender_login_mismatch active on my servers and trying from remote (or local) to send a mail with my email address or any email address under one of my domains as the sender without being authenticated against Postfix does not work (replaced sensitive information to protect the innocent): ----------------------------- netbox ~ # telnet mail.mydomain.tld 25 Trying 12.23.34.56... Connected to mail.mydomain.tld. Escape character is '^]'. 220 cluster2.mydomain.tld ESMTP Postfix (2.7.0) ehlo some.remote.name.tld 250-cluster2.mydomain.tld 250-PIPELINING 250-SIZE 52428800 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:<m...@mydomain.tld> 553 5.7.1 <m...@mydomain.tld>: Sender address rejected: not logged in rset 250 2.0.0 Ok quit 221 2.0.0 Bye Connection closed by foreign host. netbox ~ # ----------------------------- And the same goes if the sender does not exist: ----------------------------- netbox ~ # telnet mail.mydomain.tld 25 Trying 12.23.34.57... Connected to mail.mydomain.tld. Escape character is '^]'. 220 cluster1.mydomain.tld ESMTP Postfix (2.7.0) ehlo some.remote.name.tld 250-cluster1.mydomain.tld 250-PIPELINING 250-SIZE 52428800 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:<non.exist...@mydomain.tld> 553 5.7.1 <non.exist...@mydomain.tld>: Sender address rejected: not logged in rset 250 2.0.0 Ok quit 221 2.0.0 Bye Connection closed by foreign host. netbox ~ # ----------------------------- So if I am not totally wrong understanding the OP then the above would work for blocking external mails that claim to be from <user_non_ex...@mydomain> and are send to <user_ex...@mydomain>. But only if he has a mechanism available in Postfix to identify logged in users and if he forces any of his users to first be authenticated before being able to send mails. Please feel free to correct me if my suggestion is not valid. > Regards > Ansgar Wiechers > -- // Steve -- GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT! Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01
