Am 18.03.2012 19:51, schrieb Rachid Abdelkhalak: >> you are NOT prompted if the RCPT is in your own domains >> this is because you are not try to relay >> that way mail delivery works from other MTA's > > The RCPT is not in my domain. > > For example, if i connect to my server > > telnet myserver 25 > ehlo > mail from:<my...@mydomain.com> > rcpt to:<externaladdr...@otherexternaldomain.com> > data > This is a test, please do not respond > . > quit > > With this test, i was able to send email from my CEO address to an external > email address using my server. > That's what i'm trying to prvent. > >> >> again: there is no difference between telnet and any other MUA >> spoofing protections has nothing to do with SMTP Auth
if this happens really and you are NOT in "mynetworks" you have a open-relay, this must not happen! usually you should start with "postconf -n", now it's really time and please: the next time start with exactly this sample and not with something about telnet and such not related things
signature.asc
Description: OpenPGP digital signature
