Never mind! Found my answer in the first announcement on SMTP Smuggling (in
the postfix-announce mailing list): it does, in fact, make
"reject_unauth_pipelining" redundant, as expected.
On Thu, Mar 7, 2024 at 5:03 AM Grant Gryczan wrote:
> Hello,
>
> Does the new smtpd_forbi
trictions> =
reject_unauth_pipelining
<https://www.postfix.org/postconf.5.html#reject_unauth_pipelining>
I'm wondering if this new option, when set to its default value of "yes",
would make the above setting redundant now.
(Never used a mailing list before, forgive me if I&
On 2018-01-20, Viktor Dukhovni wrote:
>> On Jan 19, 2018, at 6:10 PM, Grant Edwards wrote:
>>
>>> Note that with my suggestion to override "default_transport" not only the
>>> original messages, but also any bounces or delay notifications go out via
>
On 2018-01-19, Viktor Dukhovni wrote:
>
>
>> On Jan 19, 2018, at 5:48 PM, Grant Edwards wrote:
>>
>>
>> It does some stuff via the ssh-2 protocol.
>
> Note that with my suggestion to override "default_transport" not only the
> original message
On 2018-01-19, Matus UHLAR - fantomas wrote:
> On 19.01.18 19:15, Grant Edwards wrote:
>>Becuase postfix doesn't implement the protocols used by that
>>command-line utility to transfer the mail to another server via the
>>network.
>
> which one is that?
It does s
On 2018-01-19, Viktor Dukhovni wrote:
> On Fri, Jan 19, 2018 at 06:45:29PM +0000, Grant Edwards wrote:
>
>> > That'd be magic. How exactly is the command-line MTA supposed to
>> > get the mail "relayed" without connecting to a remote host?
>>
>
On 2018-01-19, Ralph Seichter wrote:
> On 19.01.18 19:45, Grant Edwards wrote:
>
>> Let's not worry about how the command-line MTA works. It has the same
>> usage as /usr/bin/sendmail and it works. What I am asking for is an
>> SMTP relay server that will rel
On 2018-01-19, Viktor Dukhovni wrote:
>
>
>> On Jan 19, 2018, at 1:15 PM, Grant Edwards wrote:
>>
>> I'm trying to figure out how to set up an SMTP server that accepts
>> incoming mail and relays it by invoking a command-line MTA
>> (e.g. /usr/bin/send
I'm trying to figure out how to set up an SMTP server that accepts
incoming mail and relays it by invoking a command-line MTA
(e.g. /usr/bin/sendmail or equivalent) instead of connecting to a
'smarthost' SMTP server.
Can Postfix do that?
--
Grant Edwards grant.b.edw
es
> this rather simple to implement as you already have the requisite
> accounts and passwords configured.
OK, SASL it is. I'm actually already using saslauthd but was hoping I
could turn it off since I'm using webmail now. Is switching from
saslauthd to dovecot's SASL a worthwhile endeavor if I'm already using
dovecot for IMAP?
- Grant
one for postfix?
- Grant
use cleartext with SSLv3-only SMTP peers.
Wouldn't these used in combination require TLS for authentication?
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_protocols = !SSLv2, !SSLv3
- Grant
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
The above is said to work with:
smtpd_tls_security_level = encrypt
but does it work with:
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
- Grant
it parameter, so this probably goes
> back to the very first alpha release.
Got it, thank you.
- Grant
Is message_size_limit still valid? All of the references I can find
to it online are very old. Is there another postfix directive I
should use to set the maximum upload size for roundcube?
- Grant
s been
>>blocked. Please visit
>>http://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for
>>more information.
>>
>>I will delve into that link, but is there an especially good method
>>for avoiding this situation?
>>
>>- Grant
>
&g
://support.google.com/mail/bin/answer.py?hl=en&answer=188131 for
more information.
I will delve into that link, but is there an especially good method
for avoiding this situation?
- Grant
> , but that
> requires a yahoo account, you must
> be signed into your account when using this form, otherwise nothing will
> happen. Also check out
> SPF vs Sender ID <http://www.openspf.org/SPF_vs_Sender_ID> Other than
> that,
> welcome to an ongoing headache!
This message is solid gold. Thank you.
- Grant
ind your server being blocked. If
> this continues, you may get flagged as a spam source.
>
> You need to find some process to automatically prune your mail list to drop
> these invalid addresses.
I only get about 3 bounces per day so I'm hoping I can put that off for awhile.
- Grant
gt;>
>> : host mx3.hotmail.com[65.54.188.126] said: 550
>> Requested action not taken: mailbox unavailable (in reply to RCPT TO
>> command)
>>
>> I certainly don't spam or listwash (or any other sort of shadiness).
>> Can anyone help me out with advice o
ested action not taken: mailbox unavailable (in reply to RCPT TO
command)
I certainly don't spam or listwash (or any other sort of shadiness).
Can anyone help me out with advice on this?
- Grant
> Grant:
>> I'm on Gentoo and I use the etc-update script to update config files
>> after upgrading. Should dnsblog be uncommented in a default
>> master.cf? If so I may need to file a Gentoo bug.
>
> As distributed by me, the 'inet' smtpd service is act
f?
>>
>> NOQUEUE: reject: RCPT from [183.8.195.26]:3302: 450 4.3.2 Service
>> currently unavailable; from=,
>> to=, proto=ESMTP, helo=
>
> The ip 183.8.195.26 is certainly a spammer. Just looked it up using whois
> nad host(1).
Thanks James. This is all very cool. A blacklist (zen.spamhaus.org),
a whitelist (list.dnswl.org), and a "greylist". 2.11 looks to be a
fantastic release for easily-configured anti-spam measures. I'm just
not getting spam anymore and I don't think I'm rejecting legitimate
mail either.
Thanks to all,
Grant
appears to come from China. Is
this a spoof?
NOQUEUE: reject: RCPT from [183.8.195.26]:3302: 450 4.3.2 Service
currently unavailable; from=,
to=, proto=ESMTP, helo=
- Grant
that a good
config?
I also read a recommendation to set up a caching nameserver like
unbound on the same machine as postfix. Is that the right thing to
do?
Is there a way to verify that everything is working properly?
- Grant
[209.85.219.51]:41193
Aug 26 21:21:36 [postfix/postscreen] DISCONNECT [209.85.219.51]:41193
> for the dnsblog log
>
> grep 'Aug 26 21:21.*dnsblog.*209.85.219.51'
# grep '.*dnsblog.*209.85.219.51' -R /var/log/mail
#
I grep'ed the mail logs for dnsblog and got a huge number of these:
[postfix/postscreen] warning: psc_dnsbl_request: connect to
private/dnsblog service: No such file or directory
- Grant
receiving the initial
>> server greeting
>> Aug 23 09:04:03 [postfix/smtp] 80A8A5C801E: lost connection with
>> mx1.comcast.net[68.87.26.147] while receiving the initial server
>> greeting
>
> These warnings are from your Postfix SMTP client.
Do they necessarily indicate a problem with my postfix or could they
be due to a problem with the server on the other end?
- Grant
ems. Consider monitoring your
>> > packet loss rate. I run "mtr" from a cron job.
>>
>> Is it the sender's SMTP client that has problems?
>
> Please show one complete logfile record (you may anonymize the email
> address).
Aug 23 06:35:11 [postfix/smtp] 72A0E5C801E: conversation with
mx1.comcast.net[68.87.26.147] timed out while receiving the initial
server greeting
Aug 23 09:04:03 [postfix/smtp] 80A8A5C801E: lost connection with
mx1.comcast.net[68.87.26.147] while receiving the initial server
greeting
- Grant
ction with mx1.comcast.net[68.87.26.147] while receiving the
>> initial server greeting
>> conversation with mx1.comcast.net[68.87.26.147] timed out while
>> receiving the initial server greeting
>
> Your SMTP *client* also has problems. Consider monitoring your
> packet loss rate. I run "mtr" from a cron job.
Is it the sender's SMTP client that has problems?
- Grant
ction with mx1.comcast.net[68.87.26.147] while receiving the
>> initial server greeting
>> conversation with mx1.comcast.net[68.87.26.147] timed out while
>> receiving the initial server greeting
>
> Your SMTP *client* also has problems. Consider monitoring your
> packet loss rate. I run "mtr" from a cron job.
Is it the sender's SMTP client that has problems?
- Grant
swl.org/s.
I also have several of these:
lost connection with mx1.comcast.net[68.87.26.147] while receiving the
initial server greeting
conversation with mx1.comcast.net[68.87.26.147] timed out while
receiving the initial server greeting
- Grant
:
SUBJECT: Delivery status notification
This is an automatically generated Delivery Status Notification.
Delivery to the following recipients was aborted after 7 second(s):
mas...@masked.com
- Grant
blacklisted for 24 hours after you stop
> doing that. Or at least being deferred.
>
> You aren't lishwashing or anything, are you? Can't imagine they'd do
> that for just a few of them.
No way. I don't think I've seen more than a few bounces within the
last day or two. Maybe it's too high of a percentage good mail to bad
mail? I need to start disabling an email address when I get a bounce
from it.
- Grant
ystem
within 24 hours once the complaints are again below the threshold."
Could "statistics" refer to the several messages sent from my IP
address to non-existent aol.com addresses within the last 24 hours?
- Grant
>> > Does this mean the email address doesn't
Does this mean the email address doesn't exist?
: host mailin-04.mx.aol.com[64.12.138.161] said: 550 5.1.1
: Recipient address rejected: aol.com (in reply to
RCPT TO command)
- Grant
cking all of those is perfectly safe.
>
> Perfectly safe is the categorizing process is itself perfect.
> ANd since nothing is perfect, you'll always have false positive.
Has anyone had a confirmed false positive with zen.spamhaus.org ?
- Grant
re is a consensus that
this is true, I will add zen.spamhaus.org to postscreen_dnsbl_sites.
- Grant
ilserver
> in case of deleted: it was silently dropped
>
> chosse one.
I think what happened is the postscreen deep protocol checks did such
an excellent job of reducing spam on their own that I figured the
increased chance of rejecting legitimate mail by using one or more IP
lists wasn't worth dropping the small amount of remaining spam.
- Grant
> [attribution of quotes reconstructed]
> On Sat, Aug 17, 2013 at 12:54:44AM -0700, Grant wrote:
> Noel:
>> > However, I wonder why you don't have any dns blacklists such
>> > as zen.spamhaus.org defined there. The ability of postscreen
>> > to reject kno
botnets/zombies hammering your server needlessly.
Do you mean there aren't any legitimate servers listed in
zen.spamhaus.org? When I switched servers a while back, the new IP I
received was listed on several blacklists and it was a hassle to get
them removed.
- Grant
ing precious smtpd processes is one of its
> key features.
I would just rather have a false negative than a false positive. I
get a pretty small amount of spam at this point so I don't think
reducing it further is worth increasing the chances of a false
positive.
- Grant
defer it every time.
>>
>>> Postfix 2.11 (currently in development snapshots) includes a
>>> wonderful feature to bypass postscreen tests for clients listed in
>>> dns whitelists, such as list.dnswl.org, greatly reducing unnecessary
>>> tests.
>
> And there was much rejoicing. \O/
If I understand correctly, this will completely eliminate the problem
you described above?
- Grant
f:
postscreen_dnsbl_sites = list.dnswl.org*-1
postscreen_dnsbl_whitelist_threshold = -1
Thank you for your help!
- Grant
ests for clients listed in
> dns whitelists, such as list.dnswl.org, greatly reducing unnecessary
> tests.
I'm actually using postfix-2.11_pre20130710. Can you point me in the
right direction for setting up the DNS whitelist interaction? Should
that (for example) prevent comcast.net users from receiving 450 error
email notices?
- Grant
tion that postscreen(8) can provide most of the pain and
> benefits of greylisting, by enabling the after-220 ("deep protocol")
> tests.
You were right, I'm using postscreen and deep protocol checks.
- Grant
action = enforce
postscreen_pipelining_enable = yes
postscreen_pipelining_action = enforce
postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_action = enforce
postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce
- Grant
senders in some instances?
How is greylisting set up in postfix now? I know I used to use postgrey
but then I remember some sort of change. I can see that I have postgrey
installed but the service is not running. I checked main.cf and
master.cfbut I can't figure out how it's implemented now.
- Grant
n = enforce
postscreen_pipelining_enable = yes
postscreen_pipelining_action = enforce
postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_action = enforce
postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce
- Grant
t;>>
>>>> $ munindoc postfix_mailstats
>>>
>>> You just improved my life.
>>>
>>>> You might also need to set group permissions to be able to read the log
>>>> file.
>>>
>>> I have this on /var/log/mail/:
>>>
>
gt;
> You just improved my life.
>
>> You might also need to set group permissions to be able to read the log
>> file.
>
> I have this on /var/log/mail/:
>
> drwx-- 2 rootroot
>
> Since Gentoo set it up this way, I wonder if changing it would open a
>
life.
> You might also need to set group permissions to be able to read the log
> file.
I have this on /var/log/mail/:
drwx-- 2 rootroot
Since Gentoo set it up this way, I wonder if changing it would open a
hole. What do you think?
- Grant
>> I think I need to tell munin where my postfix logs are
>> (/var/log/mail/current) since I use metalog. How can I do that?
>>
>> - Grant
>
> Try'n read some documentation
> http://munin.readthedocs.org/en/latest/
I've read a lot of it but:
"0 R
) since I use metalog. How can I do that?
- Grant
tried switching to the following in main.cf:
smtpd_relay_restrictions = permit_mynetworks,permit_sasl_auth
but I started getting messages like this in the log:
warning: unknown smtpd restriction: "permit_sasl_auth"
451 4.3.5 Server configuration error
- Grant
> Grant:
>> I recently upgraded from 2.9.5 to 2.10 and ever since I've been having
>> an intermittent problem with email sent from within my web framework
>> (Interchange - icdevgroup.org) not reaching its recipient. I usually
>> get an error message in Intercha
em but not with this latest issue. I know this is incredibly
vague, but can anyone hazard a guess as to what the problem might be?
The big config change I see referenced with regard to 2.10 is
smtpd_relay_restrictions but I don't see how that could be related.
My smtpd_relay_restrictions is blank.
- Grant
andom_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
postconf: warning: /etc/postfix/main.cf: unused parameter:
smtpd_relay_restrictions=
- Grant
,permit_sasl_authenticated,reject
main.cf:
mynetworks_style = host
smtpd_recipient_restrictions =
reject_unauth_destination,
permit
smtpd_relay_restrictions =
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
- Grant
value to
keep using smtpd_recipient_restrictions as before."
Since I have the following in master.cf:
-o
smtpd_recipient_restrictions=permit_mynetworks,reject_plaintext_session,permit_sasl_authenticated,reject
Should I have the following in main.cf?
smtpd_relay_restrictions =
- Grant
this is not a secure way to store a password, I'd
like to lock down the special user on my mail server so that any mail
client authenticating as that user can only send email to my email address.
That way the password doesn't need to be secure.
- Grant
my email address? The user's password is stored in plain text in
ssmtp.conf on each of my systems but I figure that doesn't matter if it can
only be used to send mail to my address.
- Grant
mydestination = my-actual-domain.com
smtpd_recipient_restrictions =
reject_unauth_destination,
permit
- Grant
>> I should add that I took Noel's advice and Thunderbird is connecting
>> remotely to 587 and Squirrelmail is connecting locally to 587 without
>> encryption or authentication. The above config pertains to that
>> arrangement.
>>
>> - Grant
>
>> Normally yes, but OP is using submission for unencrypted,
>>> unauthenticated local mail.
>>>
>>> I also suggested he explicitly set -o smtpd_tls_auth_only=yes and
>>> add reject_plaintext_session, but apparently he knows better.
>>
>> Alr
ion port *less*
> secure, *just* so you can let squirrelmail use it instead of leaving 465
> open *only* for squirrelmail.
I don't see why the submission port is made less secure if it requires
authentication (outside of mynetworks) and authentication requires
encryption.
- Grant
ed to you to continue to use port 465
> (smtps) for squirrelmail, so you didn't have to make the submission port
> less secure.
It was also repeatedly suggested that I switch to exactly the
arrangement that I've switched to.
- Grant
icitly set -o smtpd_tls_auth_only=yes and
> add reject_plaintext_session, but apparently he knows better.
Alright, I thought my config rendered those unnecessary/redundant, but
apparently not?
- Grant
y.
Because authentication requires TLS and submission requires
authentication if you aren't in mynetworks, I'm effectively requiring
TLS for submission if you aren't in mynetworks, correct?
- Grant
master.cf:
>
> submission inet n - n - - smtpd
> -o smtpd_sasl_auth_enable=yes
> -o
> smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
>
> main.cf:
>
> smtpd_recipient_restrictions =
> reject_unauth_destination,
&
- n - - smtpd
-o smtpd_sasl_auth_enable=yes
-o
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
main.cf:
smtpd_recipient_restrictions =
reject_unauth_destination,
permit
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
- Grant
command_enable = yes
postscreen_non_smtp_command_action = enforce
postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce
- Grant
w minutes ago. These changes
> still allow thunderbird to securely submit from remote locations.
>
> Repeating myself:
Got it. I misunderstood you before. May I ask why using 465 for
Thunderbird and Squirrelmail would be better than 587 for Thunderbird
and 25 for Squirrelmail t
Squirrelmail encrypt or
>> authenticate.
>
> No, I'd do exactly what I said we do here: run 587 on the loopback interface
> only, and not require authentication.
I think I can't do that because I also need to connect to 587 from
Thunderbird in remote locations.
>>
ls_security_level = may
smtpd_tls_auth_only = yes
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
permit
- Grant
nd on port 25 from Squirrelmail when it's on the
same machine as postfix? That way I can make 587 require TLS and
authentication but not require that local Squirrelmail encrypt or
authenticate.
Also, should I have some sort of config that prevents the port 25
open-relay exploit you mentioned?
- Grant
ail and postfix are on the same machine. I've changed
Squirrelmail to send to port 25 with no authentication and no TLS and
it works! It must have been failing before because it was trying to
authenticate?
So this is working because Squirrelmail is part of $mynetworks
(localhost) and there are
is this:
>
> 587 is used by MUA's (i.e. clients) to submit *outbound* messages to your MTA
> (relay).
>
> 25 is used by your MTA to receive *incoming* messages from other
> administrative domains (organizations).
Port 25 is never used to submit outbound messages? If not, I'm
confused as to why Squirrelmail describes its "SMTP Port" setting this
way:
This is the port to connect to for SMTP. Usually 25.
- Grant
gh.
I just noticed that I can't send mail from Thunderbird unless I
include permit_sasl_authenticated in the above
smtpd_recipient_restrictions block. I get relay access denied
otherwise.
- Grant
eah I use Gmail anyway) so I'm happy
to stick with Squirrelmail over Roundcube.
- Grant
function expects
> 2 parameters and was given zero:
>
> $ cat test.php
>
>
> $ php test.php
> PHP Warning: stream_socket_enable_crypto() expects at least 2 parameters, 0
> given in /home/mjo/test.php on line 1
>
> Warning: stream_socket_enable_crypto() expects at least 2 parameters, 0
> given in /home/mjo/test.php on line 1
I get the same error. Squirrelmail does send mail over SSL 465.
- Grant
ng
> exercised.
SASL must be working since Thunderbird can send mail over 587,
correct? I don't see why local Squirrelmail won't send mail over 587,
but remote Thunderbird will. Squirrelmail also won't send mail over
port 25, but it will send mail over 465.
- Grant
or even "digest-md5" and "cram-md5" (as we do here) with TB using
> "Encrypted password" as the authentication type.
You found a typo in my /etc/sasl2/smtpd.conf which I've corrected and
I no longer get the "Bad sequence of commands 503 5.5.1 Error:
auth
_alias_maps = hash:/etc/postfix/virtual
message_size_limit = 2048
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_key_file = /etc/ssl/postfix/key.pem
smtpd_tls_cert_file = /etc/ssl/postfix/cert.pem
smtpd_tls_CAfile = /etc/ssl/postfix/cacert.pem
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
- Grant
ct to IMAP and
> SMTP servers that use STARTTLS (which is different from TLS).
I'm trying to figure out why I can't connect to 587 in Squirrelmail.
I can in Thunderbird.
- Grant
usually does not go over the WAN
If I set "Secure SMTP (TLS) : false" in squirrelmail, I get:
Authentication required
530 5.7.0 Must issue a STARTTLS command first
If I change port 587 to 25 in squirrelmail I get:
Bad sequence of commands
503 5.5.1 Error: authentication not enabled
- Grant
S on 143?
I just read that Squirrelmail doesn't support STARTTLS, so I must
continue to use smtps 465 in order to use Squirrelmail?
- Grant
_level = may
smtpd_tls_auth_only = yes
Thanks to anyone who can help me out with this or point out any
deficiencies/stupidities in my config.
- Grant
I just noticed that postgrey is listening on localhost:10030. Would
it be better to have it listen to a socket?
- Grant
good about obeying the 'rules'. And AFAIK, port 25 is one of
> the rules. Again, see Mouss for a better explanation.
>
> I've got some hand built spam filtering in my firewall -- to catch stuff
> that gets through Postfix. That's what I was trying to suggest.
Great stuff guys, thanks a lot.
- Grant
ur users can use it send
> mail).
>
> if you also need "inbound" mail (external users to send to your server),
> then you must keep port 25 open.
Thank you. I do need to receive mail on the server too so I'll keep
port 25 open.
- Grant
you elaborate on that a bit? I'm not sure what you mean.
> OTOH, you are liable to get a lot of traffic on port 25 that you don't want
> to miss. You might not really want to close it.
I thought postfix's smtp/smtps is only used for mail transmission for
my mail clients?
- Grant
g in master.cf:
smtp inet n - n - - smtpd
and restarted postfix and port 25 is closed.
- Grant
I run postfix and my mail clients use smtps so I was thinking I may as
well close port 25. How can I do that?
- Grant
http://www.postfix.org/smtpd.8.html
>
>> to the following:
>>
>> smtps inet n - n - - smtp
>> -o smtpd_tls_wrappermode=yes
>
> The one above is wrong.
>
> http://www.postfix.org/smtp.8.html
Thank you Viktor.
- Grant
inet n - n - - smtp
-o smtpd_tls_wrappermode=yes
Can anyone tell me what is the functional difference?
- Grant
Thank you Victor for giving me that wonderfully concise answer.
On Jun 17, 2010, at 9:53 AM, Victor Duchovni wrote:
On Thu, Jun 17, 2010 at 07:30:44AM -0700, Andrew G. Grant wrote:
> Jose,
>
> Unfortunately, looking at another server OS doesn't help me to find the
> answer
Jose,
Unfortunately, looking at another server OS doesn't help me to find the
answer to this question. But thank you for the suggestion.
I am still trying to find out how Apple OS X Server 10.6.3
(Darwin Kernel Version 10.3.0), running Postfix 2.5.5, Amavisd,
ClamAV, SpamAssassin, Dovecot, and S
Thank you Wietse. That was very helpful and I believe I can get this done now.
——
Andrew Grant
Information Systems Administrator
Email: andrew.gr...@caddock.com
Caddock Electronics, Inc.
High Performance Resistor Products
Web: www.caddock.com
17271 North Umpqua Hwy
d updating another separate list of
Email Addresses and User Names for "smtpd_sender_login_maps".
On Jun 16, 2010, at 3:49 AM, Charles Marcus wrote:
On 2010-06-15 6:29 PM, Andrew G. Grant wrote:
> Can anyone answer the question about how SASL is able to
> authenticate Users with their Passwords stor
I just got smtpd_sender_maps to work with smtpd_sender_restrictions using
reject_authenticated_sender_login_mismatch.
While researching how that worked, I saw information indicating that you could
apply the reject_sender_login_mismatch to the smtpd_recipient_restrictions.
Can someone explain ho
1 - 100 of 122 matches
Mail list logo