yep know. It is a dedicated access file. Renamed it to relay_auth, to make
it more clear what the file is for.
But a question: Why do you like sasl authentication? Isn't it more secure to
have no authentication at all and instead
rely on client IP?
Then theres no authentication to hack.
I even have "smtpd_sasl_auth_enable = no", so theres absolutely nothing a
outsider can do to get a mail relayed through my server.
About delay_reject, I did set it to yes to be sure (so even in case that
postfix was compiled - it was shipped with lubuntu - with "no", it will
still be a yes)
-----Ursprungligt meddelande-----
From: Viktor Dukhovni
Sent: Wednesday, May 07, 2014 9:15 PM
To: [email protected]
Subject: Re: Configure postfix to reject forged mail?
On Wed, May 07, 2014 at 09:04:37PM +0200, Sebastian Nielsen wrote:
About the "forgetting" of the purpose of the access file:
Did put a comment block in the access file:
#NEVER EVER PUT ANYTHING YOU DONT WANT TO BE OPEN RELAY FOR IN THIS FILE#
#ONLY USE PERMIT_MYNETWORKS OR SIMILIAR RESTRICTIONS#
sebbe.eu permit_mynetworks, reject
Then I will never forget, and successors of me wont break the open relay
prevention system.
Belt and suspenders, apply the check in smtpd_sender_restrictions,
and don't set "smtpd_delay_reject = no". Document this requirement.
In the dedicated access file (yes, not named "access") the comments
should state that this must never return an unconditional OK for
any lookup keys. Only "permit_mynetworks", "permit_sasl_authenticated"
or similar are acceptable, because this access file is for relay
access by sender domain, and sender domains are easy to forge, so
real access control must still be applied.
--
Viktor.
