On Fri, Aug 30, 2013 at 03:12:40PM -0400, Jean-Sébastien Nicaise 
wrote:
> On Fri, Aug 30, 2013 at 2:44 PM, Wietse Venema 
> <wie...@porcupine.org> wrote:
> 
> > Jean-S?bastien Nicaise:
> > > I'm verifying the sender email (mail from:) of mails sent from 
> > > local users, not the recipient email (rcpt to:).
> >
> > In that case.
> >
> > /etc/postfix/main.cf:
> >     smtpd_reject_unlisted_sender = yes
> >
> > This turns on "used unknown" tests for for MAIL FROM addresses.
> 
> This does look like what I need, although it is not working.
> 
> Mail still goes through.
> 
> Aug 30 15:11:15 mail01 postfix/qmgr[18491]: E05B660373: 
> from=<t...@yasdsdfdf.net>, size=2755, nrcpt=1 (queue active)

Yasdsdfdf.net is NXDOMAIN. You seem to be shifting the goal? If you 
are talking about sender domains which do not exist, simply precede 
your permit_sasl_authenticated restriction with
reject_unknown_sender_domain.

http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain

And see also, in case the goal shifts back:

http://www.postfix.org/postconf.5.html#smtpd_reject_unlisted_sender
http://www.postfix.org/postconf.5.html#reject_unlisted_sender

> Aug 30 15:11:16 mail01 postfix/smtp[18536]: E05B660373: 
> to=<*REMOVED*>, relay=gmail-smtp-in.l.google.com[173.194.74.27]:25, 
> delay=0.95, delays=0.02/0.01/0.3/0.62, dsn=2.0.0, status=sent (250 
> 2.0.0 OK 1377889894 g8si4772232qam.41 - gsmtp)

I'm surprised that gmail accepted this, because most sites will use 
reject_unknown_sender_domain or equivalent.
-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:

Reply via email to