On 21/02/2010 19:34, Darren Pilgrim wrote:
Jonathan Tripathy wrote:
Sorry I forgot to state that im only concerned with MY server here.
For example, I don't want someone to telnet to MY postfix server, and
give m...@mydomain.com for both sender and receiver
Require authentication, set up smtpd_sender_login_maps and use the
reject_sender_login_mismatch restriction.
Yup, I'm already using all of that, however that only prevents spoofing
of real addresses. So for example:
MAIL FROM:<realaddr...@mydomain.com>
RCPT TO:<realaddr...@mydomain.com>
Would fail which is good, however:
MAIL FROML<notarealaddr...@mydomain.com>
RCPT TO:<realaddr...@mydomain.com>
would fail for an authenticated user (which is good), however it would
allow the mail through for a non-authenticated user...