On 2016-07-22 19:53, Shawn Heisey wrote:
relay_domains = $mydestination, hash:/etc/postfix/local_domains
if local_domains contains domains local, you can reject senders that
forge sender AFTER permit_sasl_auth...
postfix is always first match wins
google check_sender_access
http://www.postfix.org/SASL_README.html
so its just in what order with hash file wins first to make it work
if mynetworks contains too many ips its openrelay for them in that case
remove permit_mynetworks or place it AFTER sender accesss, remember
permit_mynetworks must accept email without @
