Re: ONLY allow NON final destination mail if permit_mynetworks AND permit_sasl_authenticated is true?

From: Alex Satrapa (alex.satrapaapf.edu.au)
Date: Wed Mar 29 2006 - 20:07:32 CST


On 30 Mar 2006, at 10:43, mouss wrote:

> I'm not about De Morgan laws. It's just that using
> reject_unauth_destination in sender restrictions is not natural.

It's perfectly natural to me. The way I parse it in my head is that
the smtpd_sender_restrictions specifies a bunch of rules to the smtpd
about what is allowed to populate the envelope sender field, so:

(Correct me if I'm wrong, if you, dear reader, are someone
knowledgeable in these things...)

> smtpd_sender_restrictions =
> permit_sasl_authenticated,
> reject_unauth_destination

I read this as, "the smtpd applies the following rules to validate
the sender field - accept anything in this field if the client is
SASL authenticated, reject any sender value unless the message is
being sent to an authorised destination."

This means, for example, that if I were to connect to my mail server
from a laptop out in the world, I either have to connect using SASL
to send email (in which case I can send from any email address my
mail client knows about), or I have to be sending the message to
someone at the domain(s) the mail server is serving. Once you are
sending the message to someone at the domain(s) the mail server is
serving, it doesn't care who you claim to be (the content of the
sender field doesn't matter if the recipient field is someone we know).

Alex
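
The evaluation order discussed in the message above, as an added example that is not part of the original post and is not Postfix code: a simplified Python model of a first-match restriction list run over three constructed sessions. Session, evaluate and AUTHORISED_DOMAINS are hypothetical names, and example.org is a constructed sample domain.

```python
# Simplified model of one smtpd restriction list (an assumption for
# illustration, not Postfix source). Each rule returns PERMIT, REJECT or DUNNO;
# the first non-DUNNO verdict ends the list.
from dataclasses import dataclass

PERMIT, REJECT, DUNNO = "PERMIT", "REJECT", "DUNNO"

# Constructed sample: domains the server is final destination or relay for.
# Real Postfix also matches subdomains of relay_domains; omitted here.
AUTHORISED_DOMAINS = {"example.org"}

@dataclass
class Session:  # hypothetical container for the SMTP envelope state
    sasl_authenticated: bool
    sender: str
    recipient: str

def permit_sasl_authenticated(s: Session) -> str:
    return PERMIT if s.sasl_authenticated else DUNNO

def reject_unauth_destination(s: Session) -> str:
    # Looks only at the recipient domain; the sender value is never inspected.
    domain = s.recipient.rsplit("@", 1)[-1].lower()
    return DUNNO if domain in AUTHORISED_DOMAINS else REJECT

SENDER_RESTRICTIONS = [permit_sasl_authenticated, reject_unauth_destination]

def evaluate(session: Session, rules=SENDER_RESTRICTIONS):
    """Return (verdict, deciding rule) for one restriction list."""
    for rule in rules:
        verdict = rule(session)
        if verdict != DUNNO:
            return verdict, rule.__name__
    # No rule objected: this list lets the mail through. Other smtpd_*
    # restriction lists are still evaluated separately by Postfix.
    return PERMIT, "end of list"

if __name__ == "__main__":
    cases = [  # constructed sessions: SASL relay, local delivery, open relay try
        Session(True, "me@anywhere.test", "friend@elsewhere.test"),
        Session(False, "forged@anywhere.test", "user@example.org"),
        Session(False, "me@anywhere.test", "friend@elsewhere.test"),
    ]
    for c in cases:
        print(c, "->", evaluate(c))
```

The recipient is available to a sender restriction because smtpd_delay_reject (default: yes) defers evaluation of smtpd_sender_restrictions until RCPT TO.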