
I have a postfix/dovecot mail server setup. Mail is working perfectly. External relays are disabled.

The issue is external servers can telnet to SMTP 25 and spoof email from any valid domains hosted on that server - allowing relay to internal domains. So anyone@example.com can send any emails to anyone@example.com.

How do I stop this?

mynetworks

192.168.0.0/16
10.0.0.0/8
127.0.0.0/8

/etc/postfix/main.cf

smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_rbl_client zen.spamhaus.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, check_policy_service unix:private/spfpolicy

I think the issue is mysql-relay_domains contains all the domains the server hosts - which bypass normal relay security.

Can anyone help me secure this, please? Thanks.

  • What you're describing is not an "internal relay" but a standard way of delivering mail to local domains. You do want your mail delivered to the local domains, right? Then you can't stop this easily. If the incoming e-mails are undesired they must be spam - and you will have to implement some way of filtering spam (greylisting, amavis/spamassassin etc.). – piit79 Dec 03 '15 at 12:20
  • I still want mail delivered to local domains, but I want to stop external servers being able to "spoof" sending emails to one of my local domains from one of my local domains. – John Christian Grey Daly Dec 03 '15 at 13:48
  • Ever heard of SPF? – sebix Dec 24 '15 at 13:10

0 Answers
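A log audit for the pattern the question describes, as an added example that is not part of the original post or of Postfix itself: it pairs each smtpd `client=` line with the qmgr `from=` line for the same queue ID and reports mail that claims a hosted sender domain but arrived from outside `mynetworks` without SASL authentication. The networks and `example.com` come from the question; the log lines are constructed samples, and the default Postfix syslog format is assumed.

```python
import ipaddress
import re

# Networks and domain taken from the question; log lines are constructed samples.
MYNETWORKS = [ipaddress.ip_network(n) for n in
              ("192.168.0.0/16", "10.0.0.0/8", "127.0.0.0/8")]
LOCAL_DOMAINS = {"example.com"}

SAMPLE_LOG = """\
Dec  3 12:00:01 mx postfix/smtpd[2101]: 4A1B2C3D4E: client=unknown[203.0.113.7]
Dec  3 12:00:01 mx postfix/qmgr[900]: 4A1B2C3D4E: from=<ceo@example.com>, size=812, nrcpt=1 (queue active)
Dec  3 12:00:05 mx postfix/smtpd[2102]: 5B2C3D4E5F: client=laptop.example.net[198.51.100.9], sasl_method=PLAIN, sasl_username=alice@example.com
Dec  3 12:00:05 mx postfix/qmgr[900]: 5B2C3D4E5F: from=<alice@example.com>, size=640, nrcpt=1 (queue active)
Dec  3 12:00:09 mx postfix/smtpd[2103]: 6C3D4E5F60: client=app01[192.168.1.20]
Dec  3 12:00:09 mx postfix/qmgr[900]: 6C3D4E5F60: from=<cron@example.com>, size=300, nrcpt=1 (queue active)
Dec  3 12:00:12 mx postfix/smtpd[2104]: 7D4E5F6071: client=mail.example.org[198.51.100.25]
Dec  3 12:00:12 mx postfix/qmgr[900]: 7D4E5F6071: from=<bob@example.org>, size=990, nrcpt=1 (queue active)
"""

# smtpd logs the connecting client (plus sasl_username when authenticated);
# qmgr logs the envelope sender under the same queue ID.
CLIENT_RE = re.compile(r"postfix/smtpd\[\d+\]: (\w+): client=\S+\[([^\]]+)\](.*)")
FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: (\w+): from=<([^>]*)>")

def trusted(ip):
    """True if the client address falls inside one of the mynetworks ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in MYNETWORKS)

def find_spoofed(log_text):
    """Return (queue_id, client_ip, sender) for mail that claims a local
    sender domain but came from outside mynetworks without SASL auth."""
    sessions, hits = {}, []
    for line in log_text.splitlines():
        m = CLIENT_RE.search(line)
        if m:
            qid, ip, rest = m.groups()
            sessions[qid] = (ip, "sasl_username=" in rest)
            continue
        m = FROM_RE.search(line)
        if m and m.group(1) in sessions:
            ip, authed = sessions[m.group(1)]
            domain = m.group(2).rpartition("@")[2].lower()
            if domain in LOCAL_DOMAINS and not authed and not trusted(ip):
                hits.append((m.group(1), ip, m.group(2)))
    return hits

if __name__ == "__main__":
    for hit in find_spoofed(SAMPLE_LOG):
        print("unauthenticated external client used a local sender:", hit)
```

Running this over real logs before adding any sender-based reject rule shows which external hosts (forwarders, mailing lists, third-party senders) already send with the hosted domains and would be affected.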