This question is kind of related to my recent open relay problem, which
at the moment seems most likely caused by a hacker invading my mail
server (possibly through a web service running on the same box) and
injecting fraudulent messages into my server directly via the localhost
interface.

Postfix "sort-of" recognizes this, because each of the fake messages
appears to contain a "Received:" header line (created by my Postfix)
saying the sender sent out a host name or address in its HELO, but my
Postfix knew that the message was really coming from 127.0.0.1.

My question is, is there any configuration option for Postfix to reject
mail in a situation where the sender is clearly spoofing its identity
like this during the SMTP conversation?

I suppose it might possibly be good enough in this situation to use an
option that rejects inbound mail claiming to be from some outside host
when in fact it's really coming from localhost.  I've looked at the
various smtpd_helo_restrictions, but it's not obvious to me which (if
any) of these can do what I want.

Obviously, this option (if it exists) would need to be used judiciously
so as not to block legitimate e-mail passing through milters and such.
But what I want to know is if any such option exists at all.

Rich Wales
ri...@richw.org
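
The mismatch described in the post (a HELO name that is not the local host, recorded against a client address of 127.0.0.1) can be found in stored mail by reading the "Received:" headers. The following is an added example, not part of the original post; the header layout it matches, the set of local HELO names, and the sample message are assumptions constructed for illustration.

```python
import email
import ipaddress
import re

# Assumed Postfix-style trace layout: from <HELO> (<rdns> [<client address>])
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+"
    r"\[(?:IPv6:)?(?P<addr>[0-9A-Fa-f:.]+)\]\)"
)

# Assumption: HELO names that genuine local software uses; add your own hostname.
LOCAL_HELO = {"localhost", "localhost.localdomain"}

def loopback_helo_mismatches(raw_message, local_names=LOCAL_HELO):
    """Return (helo, client_addr) for each Received header whose client
    address is loopback but whose HELO is not a known local name."""
    msg = email.message_from_string(raw_message)
    hits = []
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(" ".join(value.split()))  # unfold the header
        if not m:
            continue
        try:
            addr = ipaddress.ip_address(m.group("addr"))
        except ValueError:
            continue
        helo = m.group("helo").strip("[]").lower()
        if not addr.is_loopback or helo in local_names:
            continue
        try:
            if ipaddress.ip_address(helo).is_loopback:
                continue  # HELO was a loopback address literal
        except ValueError:
            pass  # HELO is a name, not an address literal
        hits.append((helo, str(addr)))
    return hits

# Constructed sample message (not taken from the original post).
SAMPLE = (
    "Received: from mx.outside.example (localhost [127.0.0.1])\n"
    "\tby mail.example.org (Postfix) with SMTP id CONSTRUCTED1;\n"
    "\tMon, 1 Jan 2024 00:00:00 +0000\n"
    "Received: from localhost (localhost [127.0.0.1])\n"
    "\tby mail.example.org (Postfix) with ESMTP id CONSTRUCTED2;\n"
    "\tMon, 1 Jan 2024 00:00:00 +0000\n"
    "Received: from mx.remote.example (mx.remote.example [192.0.2.10])\n"
    "\tby mail.example.org (Postfix) with ESMTP id CONSTRUCTED3;\n"
    "\tMon, 1 Jan 2024 00:00:00 +0000\n"
    "Subject: constructed sample\n\nbody\n"
)

if __name__ == "__main__":
    print(loopback_helo_mismatches(SAMPLE))
```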
