On 2013-03-18 12:07, Wietse Venema wrote:
> Per olof Ljungmark:
>>> I'd recommend separating authenticated from unauthenticated submission.
>>> Enable submission (port 587) with authentication required, and remove
>>> permit_sasl_authenticated from the smtpd instance on port 25. For the
>>> submission port you could enable reject_sender_login_mismatch to
>>> restrict senders to their own sender address. If you want them to be
>>> able to use arbitrary addresses for mail sent to local recipients,
>>> but disallow non-local sender addresses for outbound mail, you'll
>>> probably have to use a policy service.
>>
>> Thank you for the tip. Then I have to figure out how to separate the two
>> rulesets, which I did not yet find in the docs.
>>
>> Unfortunately we do have clients still using port 465 for sending, so I'm
>> not sure if it is even possible.
>>
>> No other way to achieve this?
>
> Separate your mail streams:
>
> MTAs talk to port 25.
>
> MUAs talk to port 587 (465 if they are pre-historic).
>
> If that is not possible, use DNS to separate the streams:
>
> MTAs use MX records. Use a separate IP address for MTA service.
>
> MUAs use A records. Use a separate IP address for MUA service.
>
> Or at least that's what is supposed to happen.
>
> Wietse
If we do not implement this case (authenticated client assumed):

- from nonlocal@ to local-user@local-domain

would "reject_sender_login_mismatch" do the job together with "smtpd_sender_login_maps"? Here we could match the username with MAIL FROM:, at least as I understood it from a quick read, although it must suffice that the domain part matches. Then we just have to fix multi-account MUAs to use different logins for different accounts. This rule does not have any impact on non-authenticated clients either. If this works I'm inclined to use this alternative instead.
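For the case Wietse says needs a policy service (authenticated clients may use any sender address for mail to local recipients, but outbound mail must carry a sender in one of our own domains), the following is an added example of such a service. It is not part of this thread and not part of Postfix; Postfix only defines the protocol (one "name=value" attribute per line, a blank line ends the request, the reply is "action=..." followed by a blank line). The set of local domains, the sample request and the REJECT text are constructed for the example. The assumed wiring, not stated in the thread, is a master.cf spawn entry such as "policy unix - n n - 0 spawn user=nobody argv=/usr/bin/python3 /path/to/policy.py" and "check_policy_service unix:private/policy" in smtpd_recipient_restrictions, so the service sees both sender and recipient at RCPT time. Unauthenticated clients always get DUNNO, so the service changes nothing for them; the built-in reject_sender_login_mismatch alternative discussed above needs no policy service at all.

```python
"""Postfix SMTPD policy service: local-sender-only for outbound authenticated mail.

Added example, not from the thread or from Postfix. Assumptions (not in the
original): LOCAL_DOMAINS is a constructed sample set; the service is spawned
from master.cf and talks over stdin/stdout; it is consulted at RCPT time.
"""
import io
import sys

# Constructed sample data. A real deployment would derive this from
# mydestination / virtual_mailbox_domains rather than hard-code it.
LOCAL_DOMAINS = {"example.org", "mail.example.org"}

# Constructed sample request: an authenticated user (alice) tries to send
# outbound mail with a sender address that is not in one of our domains.
SAMPLE_REQUEST = (
    "request=smtpd_access_policy\n"
    "protocol_state=RCPT\n"
    "protocol_name=ESMTP\n"
    "sender=someone@example.net\n"
    "recipient=friend@example.com\n"
    "sasl_method=PLAIN\n"
    "sasl_username=alice\n"
    "\n"
)


def parse_request(raw):
    """Turn one policy request into a dict; parsing stops at the blank line."""
    attrs = {}
    for line in raw.splitlines():
        if line == "":
            break
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs


def domain_of(address):
    """Lower-cased domain part of an address, or '' when there is no '@'.

    The null sender (MAIL FROM:<>) arrives as an empty string and therefore
    yields '', which is never a local domain.
    """
    _, at, domain = address.rpartition("@")
    return domain.lower() if at else ""


def is_local(address):
    return domain_of(address) in LOCAL_DOMAINS


def decide(attrs):
    """Return the Postfix action string for one parsed request."""
    if attrs.get("request") != "smtpd_access_policy":
        return "DUNNO"
    if attrs.get("protocol_state") != "RCPT":
        return "DUNNO"  # judge only at RCPT, when sender and recipient are both known
    if not attrs.get("sasl_username"):
        return "DUNNO"  # unauthenticated client: leave it to the normal restrictions
    if is_local(attrs.get("recipient", "")):
        return "DUNNO"  # mail to a local user: arbitrary sender address allowed
    if is_local(attrs.get("sender", "")):
        return "DUNNO"  # outbound mail with one of our own sender domains
    # Outbound (non-local recipient) with a non-local or null sender: refuse.
    return "REJECT Non-local sender address not allowed for outbound mail"


def handle_stream(rfile, wfile):
    """Answer policy requests on text streams until the client closes them."""
    pending = []
    for line in rfile:
        line = line.rstrip("\n")
        if line != "":
            pending.append(line)
            continue
        if not pending:
            continue  # stray blank line, ignore
        attrs = parse_request("\n".join(pending) + "\n\n")
        pending = []
        wfile.write("action=%s\n\n" % decide(attrs))
        wfile.flush()


def respond(raw):
    """Run the handler over an in-memory request and return the raw reply text."""
    out = io.StringIO()
    handle_stream(io.StringIO(raw), out)
    return out.getvalue()


if __name__ == "__main__":
    # When spawned by Postfix (master.cf "spawn"), requests arrive on stdin
    # and replies go to stdout.
    handle_stream(sys.stdin, sys.stdout)
```

The decision deliberately says DUNNO rather than OK for everything it allows, so the remaining smtpd_recipient_restrictions (reject_unauth_destination and friends) still apply after the policy service has spoken.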