[Discuss] Strange sendmail (and postfix) spam issue: accepting fail "from" myself?
Derek Atkins
derek at ihtfp.com
Tue Mar 29 13:24:11 EDT 2016
Hi Rich,
On Tue, March 29, 2016 1:15 pm, Rich Pieri wrote:
> Postfix out of the box should not permit what you describe so I think
> you broke something. Things to check in main.cf: mydestination,
> mynetworks, relay_domains, and smtpd_relay_restrictions.
I thought so, too. Here's what I've got:
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
/etc/postfix/hostlist
mynetworks = 127.0.0.0/8 <my class C>/24 192.168.X.0/24
[2001:xxxx:yyyy::]/48 [::1]/128 [fe80::]/10
relay_domains is not set
smtpd_relay_restrictions =
For kicks I just added reject_unauthenticated_sender_login_mismatch to my
smtpd_sender_restrictions:
smtpd_sender_restrictions = permit_mynetworks,
permit_tls_clientcerts,
permit_sasl_authenticated,
check_sender_access hash:/etc/postfix/goodsender,
check_sender_access hash:/etc/postfix/badsender,
reject_unknown_sender_domain,
reject_non_fqdn_sender,
check_sender_access hash:/etc/postfix/sender_access,
reject_unverified_sender,
reject_unauthenticated_sender_login_mismatch,
permit
> Not sure off-hand what the sendmail equivalents are.
This is my bigger concern.... :(
One of these years I should just migrate that server over to postfix.
> Rich P.
-derek
--
Derek Atkins 617-623-3745
derek at ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
More information about the Discuss
mailing list