On Thu, Nov 17, 2016 at 05:31:43PM +0100, Sebastian Nielsen wrote: > The advantage with using "permit_sasl_authenticated, reject" as > check_sender_access in the global config, is that authenticated > senders won't be able to send with a adress outside of your domain > either, thus achieving both local spoof prevention for > unauthenticated users, but also prevents foregin spoof from > authenticated users.
That's not true. "permit_sasl_authenticated" does exactly what it says, regardless of sender address. If the client successfully authenticated, the mail is accepted. -- http://rob0.nodns4.us/ Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
