Postfix允许自己的域被发送而不要求login

Postfix的问题,(我昨天问这个,并试图删除我自己的post,而不是编辑它抱歉)

我使用Postfix + SASL

我在main.cf获得了这些设置:

 smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,check_client_access hash:/var/lib/pop-before-smtp/hosts,reject_unauth_destination 

并在这台服务器上我有域myrealdomain.com

现在,如果我使用SMTPtesting器,并使用域fakedomain.com作为发件人,它会被阻止,因为它应该,但如果我使用myrealdomain.com邮件服务器只是不接受电子邮件,它也将它传递到我告诉它交付的任何电子邮件。

现在我希望它总是要求login和passwd当有人试图从我的服务器发送电子邮件,无论它使用的邮件服务器托pipe域名或不!

就像现在一样,只要您使用托pipe在邮件服务器上的域,就可以使用我的服务器来垃圾邮件。

postconf -n输出:

 alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 debug_peer_level = 1 debug_peer_list = html_directory = /usr/share/doc/postfix/html inet_interfaces = all mailbox_size_limit = 0 mydestination = localhost myhostname = mail.myrealdomain.com mynetworks = 127.0.0.0/8, 192.168.0.0/16 myorigin = /etc/mailname proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $mynetworks $virtual_mailbox_limit_maps $transport_maps readme_directory = /usr/share/doc/postfix receive_override_options = no_address_mappings recipient_delimiter = + relayhost = sender_canonical_maps = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = mail.myrealdomain.com ESMTP FrogSMTP powered by FrogLinux smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,check_client_access hash:/var/lib/pop-before- smtp/hosts,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_tls_CAfile = /etc/postfix/cacert.pem smtpd_tls_auth_only = no smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_uid_maps = static:5000 

您的smtpd_recipient_restrictions不够严格。 如果这台机器不是MX,而是MSA / MTA,那么你可能会想要以reject结束。

示例MSA / MTA设置:
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject

这将接受来自已authentication用户的邮件和mynetworks列出的地址,并拒绝所有其他邮件。