On 7/2/21 11:05 AM, Marek Kozlowski wrote:
> :-)
>
> On 7/2/21 5:02 PM, [email protected] wrote:
>>
>> Do you mean this literally? Stopping me from sending an email using my
>> mail server that claims to be from 'your.domain'?
>> You can't, you can only publish SPF records and hope the receiving mail
>> server of the spoofed email rejects it based on those records.
>>
>> Or do you mean just preventing users on your mail server from sending a
>> spoofed from address? In that case reject_sender_login_mismatch does
>> this completely on its own.
>
> OK, small clarification:
>
> I'd like to disable any mail from 'my.domain' from external networks and
> non authenticated users...
>
> ...delivered to my users.
So what you REALLY mean is, you want to reject incoming mail from
senders forging your domain name. Try something like this:
main.cf:
smtpd_sender_restrictions = permit_mynetworks
...
check_sender_access lmdb:/etc/postfix/sasl_authenticated
check_sender_access lmdb:/etc/postfix/block-local-sender
block-local-sender:
my.domain REJECT Fake local sender address is not allowed
--
Phil Stracchino
Babylon Communications
[email protected]
[email protected]
Landline: +1.603.293.8485
Mobile: +1.603.998.6958
