On 11/9/21, 08:20, "owner-postfix-us...@postfix.org on behalf of Matus UHLAR -
fantomas" <owner-postfix-us...@postfix.org on behalf of uh...@fantomas.sk>
wrote:
so the server successfully accepted mail to remote recipient. That's called
open relay.
Note that nessus can't know if it's in server's $mynetwork.
>And from the maillog, I get this:
>
>Nov 09 12:56:44 MAIL_SERVER postfix/smtp[140754]: F077F1016F54:
> to=<foo...@foobar.org>, relay=LOCAL_MDA[aaa.bbb.ccc.ddd]:25, delay=0.12,
> delays=0.03/0.03/0.02/0.03, dsn=4.7.1, status=deferred (host
> LOCAL_MDA[aaa.bbb.ccc.ddd] said: 454 4.7.1 <foo...@foobar.org>: Relay
> access denied (in reply to RCPT TO command))
This means that the mailserver is not able to deliver the mail.
The problem described by nessus is that it is willing to deliver it.
exclude nessus's IP from $mynetworks.
Not practical. Based on the rejection log, which parameter will let postfix
reject rather than defer ?
