On 2011-10-06 18:06, mephistophe...@operamail.com wrote:
On Thursday, October 06, 2011 9:28 AM, "Jeroen Geilman"
<jer...@adaptr.nl> wrote:
That's a bad idea, unless you run an open relay; postfix should know
what valid recipients are, so it can reject everything that is not.
It works fine. Users that are defined in Dovecot/LMTP pass/user-db are
accepted; if not defined, Postfix promptly rejects the mail.
That is not what you said.
Dovecot and postfix do not communicate valid recipients, so if you wish
*postfix* to reject invalid recipients when it receives the original
message, it is *postfix* that needs to have a database of valid recipients.
The fact that this may be _the same database_ as dovecot uses is
irrelevant; it must be defined in the *postfix* configuration.
If *postfix* does not have this list, and accepts recipients blindly,
invalid recipients will be bounced by the LMTP transport to dovecot, and
*postfix* will send backscatter spam.
http://wiki2.dovecot.org/HowTo/VirtualUserFlatFilesPostfix
This Howto describes using the same database for both postfix and
dovecot authentication, something that was never stated by you.
reject_sender_login_match should generally be set only on your submission
listener.
That makes sense. Set in master.cf, then?
The doc example @ http://www.postfix.org/SASL_README.html clearly places
the 'reject_sender_login_mismatch' in "/etc/postfix/main.cf".
Are the docs incorrect?
As I said, the *interactions* between SASL-submission, non-SASL port 25
submission, and the presence or absence of reject_sender_login_mismatch
on either or both these listeners, MAY combine in unexpected ways.
If you follow the examples in the documentation *exactly*, postfix will
behave as described.
Since you provided no configuration, it is impossible to tell whether
you did or not, and I prefer to err on the side of warning what you
might have done wrong. You wouldn't be the first.
--
J.
