Hello! Is it possible to require authentication based on specific properties of an MUA or its connection?
I would like to require all connections that originate from the php-fpm daemon (or its children) on the server in question to be forced to authenticate when sending mail through Postfix. At the same time, I need for messages from other sources (cron scripts, system maintenance utilities, etc.) to be sent as normal, without requiring authentication. In short, I have a pesky PHP script somewhere, under a customer's hosted account, that is sending outgoing spam messages. The script appears not to be using PHP's mail() function, and may instead be speaking to Postfix directly, which renders PHP's mail-related logging functions irrelevant and useless, and makes the source much more difficult to trace. The Postfix and amavis-new logs are not terribly useful in this context (at least at the default verbosity) because all they reveal is that the messages are coming from localhost. The port number is listed, too, but I don't know if that reveals anything useful. If there is a better way to deal with this nuisance than resorting to stricter authentication protocols, I would love to hear alternate suggestions. Thanks for any pointers! -Ben
