Re: Telnet auth

2016-05-18 Thread Richard James Salts
On 19/05/16 00:38, Wietse Venema wrote: Wietse Venema: A brief example: /etc/postfix/sender_access: example.comreject Sender address requires authentication other.example reject Sender address requires authentication Do "postmap /etc/postfix/sender_access", then add this

Re: Telnet auth

2016-05-18 Thread Catalin Badirca
I will try to be more specific. Create an test account that can send emails from postfix. Telnet on the postfix machine on port 25. Now send an email from that test account to any other valid email on your domain. You will see that you are allowed to do so without authentication. The whole world

Re: Telnet auth

2016-05-18 Thread Wietse Venema
Wietse Venema: > A brief example: > > /etc/postfix/sender_access: > example.com reject Sender address requires authentication > other.example reject Sender address requires authentication > > Do "postmap /etc/postfix/sender_access", then add this to main.cf: > > smtpd_sender_re

Re: Telnet auth

2016-05-18 Thread Wietse Venema
A brief example: /etc/postfix/sender_access: example.com reject Sender address requires authentication other.example reject Sender address requires authentication Do "postmap /etc/postfix/sender_access", then add this to main.cf: smtpd_sender_restrictions = permit_mynet

Re: Telnet auth

2016-05-18 Thread D'Arcy J.M. Cain
On Wed, 18 May 2016 13:22:49 +0300 Catalin Badirca wrote: > I've tried your suggestion and the issue remains. Someone could > telnet into postfix and would be allowed to send mails from a valid > address to another valid address in mydomain without authentication. > > Is there any way I can stop

Re: Telnet auth

2016-05-18 Thread Tobi
If you do not accept submission on port 25, you could add a sender_access map to the service on port 25 smtpd_sender_restrictions = ... check_sender_access hash:/etc/postfix/sender_access ... and in said file list your domains each with action "reject" Am 18.05.2016 um 12:22 schrieb Catalin Bad

Re: Telnet auth

2016-05-18 Thread Catalin Badirca
Thank you very much for your time and sorry for the long response time. I've tried your suggestion and the issue remains. Someone could telnet into postfix and would be allowed to send mails from a valid address to another valid address in mydomain without authentication. Is there any way I ca

Re: Telnet auth

2016-05-16 Thread /dev/rob0
On Mon, May 16, 2016 at 07:25:54PM +0300, Catalin Badirca wrote: > I am breaking my head trying to solve the following thing. I have a > Postfix server that accepts mail from $mydomain and delivers for "From $mydomain" probably has nothing to do with it. > standard $mydestination. I also have s