>>> Postfix, by default, only queues mail that is destined for that system
>>> (mydestination or virtual settings), included in mynetworks, or listed
>>> in relay_domains
>>> This only changes if *you* tell Postfix not to. The config below does
>>> not show any such weakness.
>> Hmmm, so basically there is no way to enforce that mail sent through
>> the mail server will always be either from or to one of my domains :-(
>
> Would it be possible to use sender verification to match negatively?
> That way I could run two instances of postfix and have one check
> sender and the other recipient
> If it comes from the internal interface at lease sender should be local
> if it comes from the external interface at least recipient should be local
>
> Not sure if this is possible, but it would definitely solve it, at least I
> think
I believe I have the solution.
Unfortunately no way to implement it :-(
When I add the following to main.cf, this should perform the check, so
only people I know are allowed to send through postfix and they can
send anywhere. This should also prevent anyone to send mail from an
address that isn't one of mine.
smtpd_reject_unlisted_recipient = no
smtpd_reject_unlisted_sender = yes
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination
smtpd_sender_restrictions =
Unfortunately, it does not work.
The output of postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_size_limit = 0
mydestination =
myhostname = server01.fonville-it.nl
mynetworks = 0.0.0.0
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_mailbox_domains = mail.fonville-it.nl, fonville-it.nl
virtual_mailbox_maps = ldap:/etc/postfix/ldap-mailbox-maps.cf
virtual_transport = zarafa
What have I done wrong?
Regards,
Serge Fonville
--
http://www.sergefonville.nl
Convince Google!!
They need to support Adsense over SSL
https://www.google.com/adsense/support/bin/answer.py?hl=en&answer=10528
http://www.google.com/support/forum/p/AdSense/thread?tid=1884bc9310d9f923&hl=en
