On Mon, Feb 19, 2018 at 11:42 AM, Wietse Venema <wie...@porcupine.org> wrote:
>> I have a postfix-3.1.4 system with a few hundred people using the
>> submission service. One of the accounts was recently compromised, and
>> started sending mail as fake users in the same domain. How can I
>> prevent this?
> And use one of:
Is an unauthenticated client one that simply has not logged in successfully?
Would I be safest by just starting with reject_sender_login_mismatch?
Guidance on which restriction should be used would be appreciated.
I was thinking I would just modify the script that is used to add new
users to also now add to this smtpd_sender_login_maps then rebuild the
hash. Does that sound correct?
smtpd_sender_restrictions = reject_sender_login_mismatch
smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps
us...@sub.example.com, us...@sub.example.com, us...@sub.example.com