On Thu, 2009-01-08 at 14:02 -0300, Reinaldo de Carvalho wrote: [ snip ] > > > > Hey! That did the trick! > > > > Thanks for the help. Can you explain me why is it a problem if it si an > > external MTA? > > > > > > Martín > > > > Because any sender not equal to example.com will be reject. > > You should enforce sender domain only for local network or > autenthicated connections. > > Example: > > smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access > > # /etc/postfix/access > example.com permit_mynetworks, permit_sasl_authenticated, reject > > # postmap /etc/postfix/access >
I see it now... I'll try to be a little more detailed. The server will be used by a web site. It'll use it for register users, send passwords, remainders, etc. The problem here is that sometimes developers screw it, and mails are send using some "@gmail" or "@yahoo" domain (mostly for some test and then leaved there by mistake). What I want to do here is force them to not do such things in production environment (yes, I can shoot them too, but you know...). Server shouldn't receive any mail at all. May be I'd add "<>" to /etc/postfix/access? Another solution is to install cyrus and add a user, then restrict only logged users, but (correct me), it will accept any (forged) domain, and it can be authenticated anyway. Thanks again for your responses and patience! ;) Cheers Martín
