Am 18.03.2012 19:51, schrieb Rachid Abdelkhalak:
>> you are NOT prompted if the RCPT is in your own domains
>> this is because you are not try to relay
>> that way mail delivery works from other MTA's
> 
> The RCPT is not in my domain.
> 
> For example, if i connect to my server
> 
> telnet myserver 25
> ehlo
> mail from:<my...@mydomain.com>
> rcpt to:<externaladdr...@otherexternaldomain.com>
> data
> This is a test, please do not respond
> .
> quit
> 
> With this test, i was able to send email from my CEO address to an external 
> email address using my server.
> That's what i'm trying to prvent.
> 
>>
>> again: there is no difference between telnet and any other MUA
>> spoofing protections has nothing to do with SMTP Auth

if this happens really and you are NOT in "mynetworks"
you have a open-relay, this must not happen!

usually you should start with "postconf -n", now it's really time
and please: the next time start with exactly this sample and not
with something about telnet and such not related things

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to