On Mon, Jan 12, 2009 at 09:35:14PM -0800, Jeff Weinberger wrote:
> When a sender is not authenticated, and
> reject_unauthenticated_sender_login_mismatch is specified, postfix takes
> the MAIL FROM address, looks it up in smtpd_sender_login_maps and if
> it's found, the message is rejected?
>
> Essentially the lookup is just for the existence of the MAIL FROM
> address in the smtpd_sender_login_maps table?
Yes, that's what I said.
> Am I then correct in concluding that with:
>
> smtpd_sender_restrictions =
> permit_sasl_authenticated,
> reject_authenticated_sender_login_mismatch,
> reject
Observe that the order of the first two elements is not entirely
correct.
> that the permit_sasl_autheticated obviates the need for
> reject_unauthenticated_sender_login_mismatch?
> (as there would never be an unauthenticated sender permitted...)
Yes. this saves you a table lookup before unauthenticated senders are
rejected outright via "reject".
> And am I also correct in concluding that if unauthenticated senders were
> allowed (as they would have to be for smtpd to accept messages from the
> internet), that reject_unauthenticated_sender_login_mismatch would
> prevent any non-authenticated sender from sending a message from (with MAIL
> FROM) any address listed in my smtpd_sender_login_maps?
Yes, that's I said.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majord...@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
