--- In [email protected], Victor Duchovni <victor.ducho...@...> wrote: > > On Mon, Jan 12, 2009 at 09:35:14PM -0800, Jeff Weinberger wrote: > > > When a sender is not authenticated, and > > reject_unauthenticated_sender_login_mismatch is specified, postfix takes > > the MAIL FROM address, looks it up in smtpd_sender_login_maps and if > > it's found, the message is rejected? > > > > Essentially the lookup is just for the existence of the MAIL FROM > > address in the smtpd_sender_login_maps table? > > Yes, that's what I said. > > > Am I then correct in concluding that with: > > > > smtpd_sender_restrictions = > > permit_sasl_authenticated, > > reject_authenticated_sender_login_mismatch, > > reject > > Observe that the order of the first two elements is not entirely > correct. > > > that the permit_sasl_autheticated obviates the need for > > reject_unauthenticated_sender_login_mismatch? > > (as there would never be an unauthenticated sender permitted...) > > Yes. this saves you a table lookup before unauthenticated senders are > rejected outright via "reject". > > > And am I also correct in concluding that if unauthenticated senders were > > allowed (as they would have to be for smtpd to accept messages from the > > internet), that reject_unauthenticated_sender_login_mismatch would > > prevent any non-authenticated sender from sending a message from (with MAIL > > FROM) any address listed in my smtpd_sender_login_maps? > > Yes, that's I said.
thank you for confirming, and allowing my still-growing knowledge of postfix to confirm your answers. this will help quite a lot! > > -- > Viktor. > > Disclaimer: off-list followups get on-list replies or get ignored. > Please do not ignore the "Reply-To" header. > > To unsubscribe from the postfix-users list, visit > http://www.postfix.org/lists.html or click the link below: > <mailto:majord...@...?body=unsubscribe%20postfix-users> > > If my response solves your problem, the best way to thank me is to not > send an "it worked, thanks" follow-up. If you must respond, please put > "It worked, thanks" in the "Subject" so I can delete these quickly. >
