0

I have some minor problems I want to solve regarding postfix.

Errors of this kind pop up periodically (1-5 times a day):

Feb  1 14:11:37 mail postfix/submission/smtpd[27435]: connect from relayserver.com[***.***.***.***]
Feb  1 14:11:37 mail postfix/submission/smtpd[27435]: Anonymous TLS connection established from relayserver.com[***.***.***.***]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Feb  1 14:11:37 mail postfix/submission/smtpd[27435]: NOQUEUE: reject: RCPT from relayserver.com[***.***.***.***]: 554 5.7.1 <recipent@domain.com>: Recipient address rejected: Sender is not same as SMTP authenticate username; from=<sender@domain.com> to=<recipent@domain.com> proto=ESMTP helo=<relayserver.com>
Feb  1 14:11:37 mail postfix/submission/smtpd[27435]: disconnect from relayserver.com[***.***.***.***] ehlo=2 starttls=1 auth=1 mail=1 rcpt=0/2 quit=1 commands=6/8

(For understanding: I have a mailserver(where the log is from) and the relayserver, which logs into that server and sends a mail.)

As far as I understand, somebody logs into the mailserver correctly, lets say its "niceguy@domain.com", and then hes trying to send a mail to "recipent@domain.com", but he tries to send the mail as "sender@domain.com", right?

So, how am I able to see who exactly tries to send these mails? Anonymous TLS connection doesn't really help me :( Is there any way to raise a log level or sth?

lemon
  • 21
  • 1
  • 6
  • Submission is without authentication ? Anybody can send mails from your server without authenticate ? If it is the case, there is an open relay. – Dom Feb 02 '17 at 12:17
  • There is no open relay, people have to authenticate, as you can see in the log above. – lemon Feb 02 '17 at 12:41

0 Answers0