Re: postfix security configuration

To: debian-security@lists.debian.org
Subject: Re: postfix security configuration
From: Wilfried Essig <wedebianlsts@essignetz.de>
Date: 11 Aug 2003 21:45:58 +0200
Message-id: <[🔎] 1060631157.1812.41.camel@nb-bwe1.essignetz.de.local>
In-reply-to: <[🔎] 20030810102616.B27716A88E@flash.ball.reliam.net>
References: <[🔎] 20030810102616.B27716A88E@flash.ball.reliam.net>

Am Son, 2003-08-10 um 12.26 schrieb Fallen Angel:
> hi,
> 
> my config:
> debian stable 3.0r1
> postfix
> qpopper 
> 
> I have a small problem: 
> 
> my smtp after pop3 configuration works fine, no open relay possible, but
> the authentificated users can fake their own e-mail address. 
> 
> How can I stop it, so they can only use the adress which were set up for
> them. 

As i know, only by adding "reject_sender_login_mismatch" 
to "smtpd_sender_restrictions". Be careful about the order of your
restrictions under  "smtpd_sender_restrictions". Look for the exact
syntax in postfix docs on your machine. And : you'll need to smtp-auth
your smtp-clients with sasl for postfix-smtpd. 
This information is from postfix 2.0.3. Im using this with cyrus 2.1 and
sasl 2.2 from http://people.debian.org/~hmh.


-- 
Wilfried Essig

Reply to:

References:
- postfix security configuration
  - From: "Fallen Angel" <mailoperator@uni.de>

Prev by Date: Re: postfix security configuration
Next by Date: Re: postfix security configuration
Previous by thread: Re: postfix security configuration
Next by thread: DSA-361-2
Index(es):
- Date
- Thread