On 31 October 2011 15:16, Noel Jones <njo...@megan.vbhcs.org> wrote: > On 10/31/2011 12:31 PM, Simon Brereton wrote: >> Hi >> >> I was evaluating my smptd_recipient_restrictions last week and decided that >> it made no sense to have reject_sender_login_mismatch after >> permit_sasl_authenticated. So I changed it. At the time I was reviewing >> the documentation I wasn't able to figure out the difference between >> reject_authenticated_sender_login_mismatch and reject_sender_login_mismatch. > > Did you see this? > http://www.postfix.org/postconf.5.html#reject_authenticated_sender_login_mismatch > > With the "authenticated" version, the sender address is only checked > if the user has authenticated. This allows unauthenticated mail to > use a protected sender address, which may be needed for > notification/invitation services etc. that "spoof" the sender > address for incoming mail. > >> >> Since then I have a few items in the logs like: >> >> Oct 30 17:59:40 mail postfix/smtpd[21281]: connect from >> cpc17cable-connection.cableprovider.com[12.34.56.78] >> Oct 30 17:59:40 mail postfix/smtpd[21281]: setting up TLS connection from >> cpc17cable-connection.cableprovider.com[12.34.56.78] >> Oct 30 17:59:40 mail postfix/smtpd[21281]: Anonymous TLS connection >> established from cpc17cable-connection.cableprovider.com[12.34.56.78]: TLSv1 >> with cipher AES128-SHA (128/128 bits) >> Oct 30 17:59:43 mail postfix/smtpd[21281]: NOQUEUE: reject: RCPT from >> cpc17cable-connection.cableprovider.com[12.34.56.78]: 553 5.7.1 >> <myu...@example.com>: Sender address rejected: not owned by user >> myu...@example.com; from=<myu...@example.com> to=<recipi...@satemwa.com> >> proto=ESMTP helo=<jemima> >> Oct 30 17:59:43 mail postfix/smtpd[21281]: NOQUEUE: reject: RCPT from >> cpc17cable-connection.cableprovider.com[12.34.56.78]: 553 5.7.1 >> <myu...@example.com>: Sender address rejected: not owned by user >> myu...@example.com; from=<myu...@example.com> to=<recipi...@technica.co.uk> >> proto=ESMTP helo=<jemima> >> Oct 30 17:59:43 mail postfix/smtpd[21281]: NOQUEUE: reject: RCPT from >> cpc17cable-connection.cableprovider.com[12.34.56.78]: 553 5.7.1 >> <myu...@example.com>: Sender address rejected: not owned by user >> myu...@example.com; from=<myu...@example.com> to=<recipi...@gmail.com> >> proto=ESMTP helo=<jemima> >> Oct 30 17:59:43 mail postfix/smtpd[21281]: NOQUEUE: reject: RCPT from >> cpc17cable-connection.cableprovider.com[12.34.56.78]: 553 5.7.1 >> <myu...@example.com>: Sender address rejected: not owned by user >> myu...@example.com; from=<myu...@example.com> to=<recipi...@yahoo.co.uk> >> proto=ESMTP helo=<jemima> >> Oct 30 17:59:43 mail postfix/smtpd[21281]: NOQUEUE: reject: RCPT from >> cpc17cable-connection.cableprovider.com[12.34.56.78]: 553 5.7.1 >> <myu...@example.com>: Sender address rejected: not owned by user >> myu...@example.com; from=<myu...@example.com> to=<recipi...@suddenlink.net> >> proto=ESMTP helo=<jemima> >> Oct 30 17:59:43 mail postfix/smtpd[21281]: NOQUEUE: reject: RCPT from >> cpc17cable-connection.cableprovider.com[12.34.56.78]: 553 5.7.1 >> <myu...@example.com>: Sender address rejected: not owned by user >> myu...@example.com; from=<myu...@example.com> to=<recipi...@btinternet.com> >> proto=ESMTP helo=<jemima> >> Oct 30 17:59:43 mail postfix/smtpd[21281]: NOQUEUE: reject: RCPT from >> cpc17cable-connection.cableprovider.com[12.34.56.78]: 553 5.7.1 >> <myu...@example.com>: Sender address rejected: not owned by user >> myu...@example.com; from=<myu...@example.com> >> to=<recipi...@mgcswarriors.org> proto=ESMTP helo=<jemima> >> Oct 30 18:09:43 mail postfix/smtpd[21281]: timeout after RCPT from >> cpc17cable-connection.cableprovider.com[12.34.56.78] >> Oct 30 18:09:43 mail postfix/smtpd[21281]: disconnect from >> cpc17cable-connection.cableprovider.com[12.34.56.78] >> >> Googling led me to this thread: >> http://comments.gmane.org/gmane.mail.postfix.user/210413 >> >> But I don't understand how myu...@example.com is not owned by >> myu...@example.com > > Apparently this user didn't authenticate. > You define who owns what address in smtpd_sender_login_maps. There > are no "automatic" mappings.
Thanks again Noel. That helps my understanding. Cheers Simon
