On 5/2/2011 7:10 PM, R F wrote:
The above is the envelope sender. You can configure postfix to reject your own
domain in the envelope sender from outside mail. See numerous posts on this in
the archives.
This will reject legit mail, but probably not a great amount. Pick your pain
threshold.
That is probably something to try, unfortunately have tried google on
this but I can't find anything but your post. Can you point me out
something?
The idea is to allow authorized users first -- mynetworks and
SASL authenticated -- then reject anyone else using your
domain as the sender. A bare-bones example:
# main.cf
smtpd_recipient_restrictions =
permit_mynetworks
# uncomment next line if you use SASL
# permit_sasl_authenticated
reject_unauth_destination
check_sender_access hash:/etc/postfix/sender_access
# sender_access
my.example.com REJECT sender domain not authorized
- remember to issue "postfix reload" after editing main.cf.
- remember to "postmap sender_access" after editing it.
-- Noel Jones
