On 29 Jul 2017, at 23:30, deoren wrote:
On 7/29/17 4:31 PM, Bill Cole wrote:
[...]
Using 'OK' in check_sender_access for white;listing isn't wrong, it's
just imperfect and can be risky. It is trivial to forge the SMTP
sender address, so absent additional measures applied AFTER
smtpd_recipient_restrictions (such as replicating the
reject_rbl_client rules in smtpd_relay_restrictions) your 'OK'
whitelisting makes you an open relay for anyone forging the exempted
address or domain.
So if I return 'OK' within smtpd_recipient_restrictions, will these
rules within smtpd_relay_restrictions be sufficient to prevent
granting them relay access? I was under the impression that it was?
smtpd_relay_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
Yes. As always, Dr. Venema knows more than anyone about Postfix and his
recommendation was much more concise and complete than mine:
reject_unauth_destination before any access map used as a whitelist
prevents the whitelisting from opening a relay hole.
[...]
So far so good, aside from various points of ignorance like the one
you helped clear up for me. I still have much to learn.
True for us all, aside from those who actually write the code.
