Kamil Raczyński wrote:
On 2011-10-14 16:37, Michel Bulgado wrote:
>> If your intention is to accept emails *only* from your external MX
>> server and from authenticated clients, then you can add
>> check_client_access in smtpd_recipient_restrictions and
>> smtpd_sender_restrictions.
>
> But at the same time, anyone could make Phishing
What kind of phishing? If your internal server accepts only emails
from your external server's IP address and from authenticated users
then I see no way of phishing(?). Of course only if your external
server is properly configured.
Best Regards
Kamil
Before implementing SASL, you explain that anyone from my local network,
could through the command line, telnet to port smtp server and send
messages.
Assuming that your email address and my email is ka...@home.com email
address is mic...@home.com.
Anyone, say the user Pepe for example, from your laptop sent a message
as if Kamil to send a message to Michel. making a joke:
telnet 192.168.1.1 smtp
Trying 192.168.1.1 ...
Connected to server.home.com (192.168.1.1).
Escape character is'^]'.
220 ESMTP Postfix server.home.com
ehlo michel.home.com
250-michel.home.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
DSN 250
mail from: <ka...@home.com>
250 2.1.0 Ok
rcpt to: <mic...@home.com>
250 2.1.5 Ok
data
354 End Data with <CR> <LF>. <CR> <LF>
hey stupid.
.
250 2.0.0 Ok: queued as D5EAF5FF37
Now you understand what kind of Phishing we talking about?
