On 10/22/2016 5:36 PM, Paul van der Vlis wrote: > The "Authenticated sender" does not excist as a user account. It is an > correct e-mail address, but not an user account with what you can > authenticate.
And yet that's the username postfix provides to the backend. The only mystery here is why the backend accepts it. This is almost certainly due to some unintentional configuration rather than a bug or exploit. You should concentrate your efforts on the backend. All you'll get out of postfix is that some username and password was passed to the backend, and the backend replied they were valid. Further debugging in postfix is pointless. -- Noel Jones
