0

I have a mail server where I use Postfix and Dovecot. On this server I use ISPConfig for handling user mailboxes. I have now 2 main domains (mrtsolutions.it and geacloud.it).

I have 2 mailboxes: something@mrtsolutions.it and hello@geacloud.it

Using smtper.net I realized I can send email from something@mrtsolutions.it authenticating as hello@geacloud.it. I would like to send email only from account I used for the login.

I also realized that I can send email from something@mrtsolutions.it authenticating me on a completely different mail server such for example as my business company one (mail.vianova.it) using another account.

How can I solve? This scares me a lot.

This is my main.cf: https://pastebin.com/NF39HZ1R

Lorenzo Martini
  • 111
  • 4

1 Answers1

0

With your own Postfix server you would need reject_sender_login_mismatch which checks smtpd_sender_login_maps. Currently you have neither.

You can't handle which sender email addresses someone else's mail server accepts, but you can restrict the usage of your domains using SPF, DKIM and DMARC.

Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129