reject_authenticated_sender_login_mismatch

  • Please include this in the postfix lua together with a fix for graylisting under Ubuntu. I don't know the correct implemantation. I tried this:


    smtpd_sender_restrictions =
    permit_mynetworks,
    reject_authenticated_sender_login_mismatch,
    reject_unknown_address,
    reject_unknown_sender_domain,
    reject_non_fqdn_sender,
    check_sender_access hash:/etc/postfix/sender_access


    But then I could not send at all any more. Please give this a higher priority, because it helps to identify a spamming mail account, a continuous problem with hosters.

  • On my VB test server I got it working. In /etc/postfix/main.cf:


    smtpd_sender_login_maps = hash:/etc/postfix/controlled_envelope_senders
    smtpd_sender_restrictions =
    reject_sender_login_mismatch,
    permit_sasl_authenticated,
    reject_unknown_address,
    reject_unknown_sender_domain,
    reject_non_fqdn_sender,
    check_sender_access hash:/etc/postfix/sender_access


    Apparently the reject_sender_login_mismatch, should come before any permit rules. After changes it should be compiled with:


    postmap /etc/postfix/main.cf


    This should be in /etc/postfix/controlled_envelope_senders (example, should be maintained by LUA):


    #box, alias or forwarded address sasl authenticated owner
    test@domain.com test@domain.com
    info@domain.com test@domain.com


    after changes it should be compiled with:


    postmap /etc/postfix/controlled_envelope_senders


    now only test@domain.com and info@domain.com are allowed from addresses when SASL authenticated as test@domain.com. Thunderbird errors with the message:


    An error occurred while sending mail. The mail server responded: 5.7.1 <anyaddress@gmail.com>: Sender address rejected: not owned by user test@domain.com. Please check the message recipient test@domain.com and try again.


    The last phrase is very confusing. I wonder why the recipient should be checked while the response clearly indicates a problem with the Sender address.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!