On Thu, 26 Mar 2026 14:08:27 +0000 Allen Coates via Postfix-users <[email protected]> wrote:
> On 26/03/2026 12:16, Sad Clouds via Postfix-users wrote: > > It looks like there is no AUTH, but for some reason I can still submit > > mail on port 25 in some cases. There are two cases I'm testing: > > Some while ago, I had a spate of spam messages, addressed to me, and claiming > to be from "support" or "accounts" or > "personnel" (at) "mydomain". They were coming in - unauthenticated - on > port 25. > > These were caught by placing an entry in the sender_access file, resolving to > anything from "mydomain", with an action > of "permit_sasl_authenticated, reject" Thanks for the tip, this seems to be a good way to block users in my virtual domains from sending mail via port 25 # cat /etc/postfix/smtpd_sender_access example.com REJECT Now if anyone from @example.com is sending unauthenticated mail to port 25, it gets rejected. I have a separate /etc/postfix/mua_sender_access for the authenticated submission smtpd process. _______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
