:-) On 3/3/21 5:18 PM, Bill Cole wrote:
On 3 Mar 2021, at 9:51, Marek Kozlowski wrote::-) When testing my server via telnet ... 25 it works:MAIL FROM: <""> 250 2.1.0 OkRejections in SMTP based on client, helo, and sender policy criteria are normally postponed until the RCPT stage of the transaction, no matter what the reason for rejection. A '250' response to MAIL only indicates that the command was issued in the correct state (after EHLO or HELO) and was not syntactically invalid.
Obviously. Sorry for a stupid question. Sleeping for more than 2h/day has a great future.
Moreover an active 'reject_sender_login_mismatch' restriction not blocked mail from SASL authenticated user (a compromised account) with such an envelope address. What have I missed?Log entries showing actual mail being allowed with such a sender along with the output of 'postconf -n' would be necessary to understand precisely why it was not rejected.
In short I believe it must be somewhere here:
smtpd_sender_login_maps = ldap:/etc/postfix/ldap.cf
----------------------------------------------------
server_host = ldaps://<sth>:636
version = 3
search_base = <sth>
query_filter = (&(mail=%s)(<sth>))
result_attribute = cn
result_format = %s
bind = no
dereference = 3
main.cf:
smtpd_sender_restrictions =
<sth>
reject_sender_login_mismatch,
reject_non_fqdn_sender,
permit
One user's password has been compromised. Someone had authenticated as
this user (SASL) and was able to send mail with:
Return-Path: <>I'm afraid logs were not as detailed as needed. I'm trying to understand: how??
BTW: MAIL FROM: <> 503 5.5.1 Error: nested MAIL command MAIL FROM: "" 503 5.5.1 Error: nested MAIL commandThose are precisely what they say: SMTP does not allow more than one MAIL command per transaction. Once you've had a successful MAIL command, you must either complete the transaction OR send a RSET command before Postfix will consider any new MAIL command.
Obviously. Sorry for a stupid question. Sleeping for more than 2h/day has a great future.
Best regards, Marek
smime.p7s
Description: S/MIME Cryptographic Signature
