Hi All, I'm having trouble locking down relaying and I can't see what
I'm doing wrong.
I'm trying to configure the server to only send mail iff:
1. Sender is on mynetworks, or
2. Sender is authenticated
Everything else should be rejected but it isn't, and I can't see whats
wrong with my config.
Any help appreciated!
-- Jason
# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
home_mailbox = Maildir/
inet_interfaces = all
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mailbox_size_limit = 0
message_size_limit = 42000000
mydestination = mail.ibsglobalweb.com, ibsglobalweb.com,
ibsglobalweb.com.au, mail, localhost.localdomain, localhost
myhostname = mail.ibsglobalweb.com
mynetworks = 127.0.0.0/8, 192.168.168.0/24, 192.168.1.0/24, 10.5.0.0/24,
122.102.100.128/27, 60.224.85.141/32, 218.215.147.70/32,
144.132.35.109/32, 216.146.32.0/23
myorigin = /etc/mailname
receive_override_options = no_address_mappings
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Linux)
smtpd_recipient_limit = 42000000
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/mail.ibsglobalweb.com.cert.pem
smtpd_tls_key_file = /etc/postfix/mail.ibsglobalweb.com.key.pem
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
