My domains are listed in virtual_alias_domains and my legit
senders/recipients in virtual_alias_maps.
I recently discovered the 'reject_unlisted_sender' option which
successfully prevents (auth) senders from sending from an unknown
name@mydomain. For instance f...@timedicer.co.uk is blocked as a sender.
This is much simpler than my previous approach to this problem.
But it doesn't stop them sending from a different domain that is not
listed in my virtual_alias_domains, such as f...@gmail.com. Currently I
stop this with my own check_sender_access file (in an smtpd restriction
list applied only to auth emails) that DUNNOs my domains and then
REJECTs all others.
I feel there is (or ought to be) a way of achieving this that does not
require creating a bespoke file/entry. I see
'reject_unknown_sender_domain' but it does not match my use case, and I
cannot use 'reject_sender_login_mismatch' because some users need to be
able to send from >1 name (all @mydomain) but using 1 login. I think I
want 'reject_unlisted_sender_domain' (which does not exist).
Am I missing something?
- Block auth senders using other domains Dominic Raferd
-
