Hello again, i read carefully the explanation given by rhsoft and also went to postconf doc page - http://www.postfix.org/postconf.5.html -to be able to understand each one of the statements i was setting up. It really looks pretty easy but i think i'm bypassing something because i'm not able to reject senders based on: * The sender/from address is not the one used to login/authenticate. * The sender/from address does not exist.
I'm posting bellow my current Postfix setup in hope someone can help to find the error: $ postconf |grep mail_version mail_version = 2.11.0 $ postconf -n https://gist.github.com/sibok/df8c8fc0d85785978c85 Here's the output shown at /var/log/mail.log https://gist.github.com/sibok/8e910f54ba5b1a9ea05b I enabled MySQL SQL Query logs so that's what i seen when trying to send from w...@blog.example.com to p...@example.com where example.com is a valid domain, able to receive emails, and blog.example.com is a valid CNAME which is not able to receive emails so the following address w...@blog.example.com does not exists. https://gist.github.com/sibok/ef6a417d10ddf20bd242 On Tue, Mar 25, 2014 at 12:07 AM, Pau Peris <p...@webeloping.es> wrote: > Hundred thanks!! Really great help, tomorrow gonna put it all together and > solve the issue. > > Good night! > > > On Mon, Mar 24, 2014 at 9:06 PM, li...@rhsoft.net <li...@rhsoft.net>wrote: > >> >> >> Am 24.03.2014 20:54, schrieb Pau Peris: >> > I'm wondering why are you setting the following policies under >> recipient restrictions >> > and not under sender restrictions? Maybe it's more efficient? >> > >> > reject_non_fqdn_sender >> > reject_unlisted_sender >> > reject_authenticated_sender_login_mismatch >> >> because with "smtpd_delay_reject" which is default for >> good reasons it does not matter and the configuration >> is easier to understand as well as specific overrides >> are better to manage >> >> > reject_non_fqdn_sender >> > reject_unlisted_sender >> > reject_authenticated_sender_login_mismatch >> > >> > Last, what do you think about reject_unverified_sender? Is it a >> resources drainer? >> >> it may lead to blacklisting because you always make a sending >> attempt and in case of forged senders you do that to servers >> never tried to send a message to you > >