Thx for the respons
I have setup sasl auth by dovecot
-----Original Message-----
From: owner-postfix-us...@postfix.org <owner-postfix-us...@postfix.org> On
Behalf Of Viktor Dukhovni
Sent: 03 June 2019 16:58
To: Postfix users <postfix-users@postfix.org>
Subject: Re: smtp relay server security
> On Jun 3, 2019, at 9:02 AM, De Petter Mattheas
> <mattheas.depet...@jandenul.com> wrote:
>
> For the moment we have a rule that only allow mail from exchange server
> address to postfix (relay server), but when somebody spoofs this address mail
> gets accept and you can send your mail to anybody as anybody.
>
> When I check:
> [administrator@eqx-mailman02 ~]$ sudo postconf -a [sudo] wachtwoord
> voor administrator:
> cyrus
> dovecot
You can configure SASL authentication on both ends (client on Exchange, server
on Postfix) and require SASL authentication for relaying:
http://www.postfix.org/SASL_README.html
or you can require a TLS client certificate:
http://www.postfix.org/postconf.5.html#check_ccert_access
http://www.postfix.org/postconf.5.html#relay_clientcerts
--
Viktor.
************************************************************
Any reaction to this e-mail or any other mail, including any
files transmitted therewith to sender's e-mail address(es)
shall be dealt with not as private, but as business
communication(s) and shall be registered as such.
************************************************************
