Viktor Duchovni wrote:
On Mon, Jan 12, 2009 at 01:25:38PM -0800, Jeff Weinberger wrote:
reject_sender_login_mismatch checks the from address against
smtpd_sender_login_maps to be sure that the MAIL FROM address is
owned
by
the SASL-authenticated sender.
But with reject_unauthenticated_sender_login_mismatch, there is no
SASL-authenticated sender.
This subsumes the functionality of both:
reject_authenticated_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch
OK, I missed the first one in the doc, so it makes sense.
if the session is authenticated the first test is applied, otherwise
the second test is applied.
http://www.postfix.com/postconf.5.html says that
reject_unauthenticated_sender_login_mismatch "Enforces the
reject_sender_login_mismatch restriction for unauthenticated clients
only"
(and nothing more)
All of that to get to my question:
What does reject_unauthenticated_sender_login_mismatch check the MAIL
FROM
address against?
The smtpd_sender_login_maps table.
Sorry, I mis-asked the question. When
reject_authenticated_sender_login_mismatch is specified, postfix takes
the
MAIL FROM address, looks it up in the smtpd_sender_login_maps table, and
checks to make sure the authenticated sender is in there and the MAIL
FROM
address is owned by the authenticated sender.
So....
Or does it just check the smtpd_sender_login_maps for a valid MAIL
FROM
address (regardless of ownership)?
s/valid//
If an address is found in the table, and the sender is not
authenticated,
the message is rejected.
When a sender is not authenticated, and
reject_unauthenticated_sender_login_mismatch is specified, postfix takes
the MAIL FROM address, looks it up in smtpd_sender_login_maps and if
it's
found, the message is rejected?
Essentially the lookup is just for the existence of the MAIL FROM
address
in the smtpd_sender_login_maps table?
Am I then correct in concluding that with:
smtpd_sender_restrictions = permit_sasl_authenticated,
reject_authenticated_sender_login_mismatch, reject
that the permit_sasl_autheticated obviates the need for
reject_unauthenticated_sender_login_mismatch?
(as there would never be an unauthenticated sender permitted...)
And am I also correct in concluding that is unauthenticated senders were
allowed (as they would have to be for smtpd to accept messages from the
internet), that reject_unauthenticated_sender_login_mismatch would
prevent
any non-authenticated sender from sending a message from (with MAIL
FROM)
any address listed in my smtpd_sender_login_maps?
(yes, I'm trying to figure out if using this in my
smtpd_sender_restrictions would help and how it might do so)
If you are already using the combined restriction, there is no point
in adding either of the constituent building-block restrictions.
That makes perfect sense.
If you want to restrict your policy to either the authenticated, or
the
unauthenticatd case, then replace the combined restriction with the
appropriate more specific restriction.
As you see, I'm more interested in whether
reject_unauthenticated_sender_login_mismatch makes sense at all for my
setup and if so, in which context. If my two conclusions above are
correct,
it makes sense on the general access service, but not on the submission
service.
Thank you so much for your help!!
--
Viktor.
