Re: security hole -- anonymous user can send email from my postfix

From: JOYDEEP (j.bakshiunlimitedmail.org)
Date: Mon Apr 02 2007 - 05:29:48 CDT


Charles Marcus wrote:
>>>> How can I use LDAP with postfix for user authentication
>>>> or
>>>> how to use the authentication you are asking for ?
>
>>> start by adding
>>> reject_unlisted_recipient
>>> reject_unlisted_sender
>>> at the top of your smtpd_recipient_restrictions.
>
>> I have done smtpd_recipient_restrictions = reject_unlisted_sender
>>
>> and now I can't send mail even as a valid user. Have I done anything
>> wrong here?
>> Please suggest.
>
> Logs? postconf -n (to prove you made the changes)?

Here is postconf -n:
---------------------------------------------------------------
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
delay_warning_time = 4h
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_size_limit = 0
mailbox_transport = lmtp:unix:/var/lib/imap/socket/lmtp
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = kolkatainfoservices.in, localhost.$mydomain, localhost, $mydomain
mydomain = kolkatainfoservices.in
myhostname = linux.kolkatainfoservices.in
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
recipient_delimiter = +
relay_domains =
relayhost =
sample_directory = /usr/share/doc/packages/postfix/samples
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtpd_recipient_restrictions = reject_unlisted_sender
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/postfix-cert.pem
smtpd_tls_key_file = /etc/postfix/postfix-key.pem
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
unknown_local_recipient_reject_code = 550
------------------------------------------------------
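
An added example, not part of the original post or thread: a shell check that reads `postconf -n` output and reports whether `smtpd_recipient_restrictions` carries the two restrictions advised in the quoted reply and a relay-control restriction. The function names and finding labels are hypothetical, and the relay-control requirement is taken from Postfix documentation for releases without `smtpd_relay_restrictions`, not from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): audit smtpd_recipient_restrictions.
# Real use: postconf -n | audit_recipient_restrictions

# Print one parameter's value from "name = value" text on stdin, joining
# continuation lines (lines that begin with whitespace).
postconf_value() {
    awk -v want="$1" '
        /^[ \t]/ { if (hit) val = val " " $0; next }
        { hit = 0 }
        /^[A-Za-z0-9_]+[ \t]*=/ {
            name = $0; sub(/[ \t]*=.*/, "", name)
            if (name == want) { hit = 1; val = $0; sub(/^[^=]*=[ \t]*/, "", val) }
        }
        END { print val }'
}

# Succeed if restriction $2 is an exact element of the comma/space list $1.
has_restriction() {
    printf '%s\n' "$1" | tr ', \t' '\n\n\n' | grep -qxF -- "$2"
}

# Print findings (empty line when clean); return non-zero if any were found.
audit_recipient_restrictions() {
    list=$(postconf_value smtpd_recipient_restrictions)
    findings=""
    # The two restrictions the thread says to put at the top of the list.
    for r in reject_unlisted_recipient reject_unlisted_sender; do
        has_restriction "$list" "$r" || findings="$findings missing:$r"
    done
    # Assumption (Postfix documentation, not the thread): releases without
    # smtpd_relay_restrictions refuse mail unless this list has one of these.
    relay_ok=no
    for r in reject_unauth_destination reject defer defer_if_permit; do
        if has_restriction "$list" "$r"; then relay_ok=yes; fi
    done
    [ "$relay_ok" = yes ] || findings="$findings no-relay-control"
    printf '%s\n' "${findings# }"
    [ -z "$findings" ]
}

# Constructed input: the single setting shown in the posted postconf -n.
printf 'smtpd_recipient_restrictions = reject_unlisted_sender\n' |
    audit_recipient_restrictions || true
```
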