Noel, Your instructions worked perfectly. Now only clients that AUTH can relay AND send mail to systems users.
The system user thing was really bothering me. What would stop a spammer from connected to my server and spamming the hell out of my system users (domain that Postfix receieves for) if there was no way to AUTH them?? Anyway, would you mind just looking over the end of my main.cf file and seeing if you see anything "out of the ordinary" or anything I could improve on? I've been using Postfix for about 3 years, but like most people, once it is running for a while I forget how to administer the damn thing. I'm moving all my servers to a new Linux box so I am having to remember what I did all those years ago! :-) Thank you so much for your help! Rodman ------- virtual_alias_domains = domain1.com domain2.com virtual_alias_maps = hash:/etc/postfix/virtual smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_unauth_destination, reject_unknown_recipient_domain, # commented out for testing at this time check_policy_service unix:private/policy smptd_delay_reject = yes smtpd_helo_required = yes smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/etc/postfix/reject_my_domain, #ABOVE MAKES SURE EVEN MY_DOMAIN SENDERS USE SASL TO AUTH TO SMTP #MUST USE POSTMAP -Q TO ADJUST .DB FILE IF EVER NEEDED reject_unknown_sender_domain # below for greylist # commented out for testing at this time - policy_time_limit = 3600 ----------------------