Noel,
Your instructions worked perfectly. Now only clients that AUTH can relay AND
send mail to systems users.
The system user thing was really bothering me. What would stop a spammer from
connected to my server and spamming the hell out of my system users (domain
that Postfix receieves for) if there was no way to AUTH them??
Anyway, would you mind just looking over the end of my main.cf file and seeing
if you see anything "out of the ordinary" or anything I could improve on? I've
been using Postfix for about 3 years, but like most people, once it is running
for a while I forget how to administer the damn thing. I'm moving all my
servers to a new Linux box so I am having to remember what I did all those
years ago! :-)
Thank you so much for your help!
Rodman
-------
virtual_alias_domains = domain1.com domain2.com
virtual_alias_maps = hash:/etc/postfix/virtual
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_unauth_destination,
reject_unknown_recipient_domain,
# commented out for testing at this time check_policy_service
unix:private/policy
smptd_delay_reject = yes
smtpd_helo_required = yes
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated,
check_sender_access hash:/etc/postfix/reject_my_domain,
#ABOVE MAKES SURE EVEN MY_DOMAIN SENDERS USE SASL TO AUTH TO SMTP
#MUST USE POSTMAP -Q TO ADJUST .DB FILE IF EVER NEEDED
reject_unknown_sender_domain
# below for greylist
# commented out for testing at this time - policy_time_limit = 3600
----------------------
