On Mon, Feb 19, 2018 at 11:42 AM, Wietse Venema <wie...@porcupine.org> wrote:
> Alex:
>> Hi,
>> I have a postfix-3.1.4 system with a few hundred people using the
>> submission service. One of the accounts was recently compromised, and
>> started sending mail as fake users in the same domain. How can I
>> prevent this?
> See:
> http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps
> And use one of:
> http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch
> http://www.postfix.org/postconf.5.html#reject_authenticated_sender_login_mismatch
> http://www.postfix.org/postconf.5.html#reject_unauthenticated_sender_login_mismatch
> http://www.postfix.org/postconf.5.html#reject_known_sender_login_mismatch

Is an unauthenticated client one that simply has not logged in successfully?

Would I be safest by just starting with reject_sender_login_mismatch?
Guidance on which restriction should be used would be appreciated.

I was thinking I would just modify the script that is used to add new
users to also now add to this smtpd_sender_login_maps then rebuild the
hash. Does that sound correct?

smtpd_sender_restrictions = reject_sender_login_mismatch
smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps

us...@sub.example.com, us...@sub.example.com, us...@sub.example.com

Reply via email to