[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SuSE 9.0: postfix sasl authentikation fails



> -----Original Message-----
> From: Arjen de Korte [mailto:suse-security@xxxxxxxxxxxx] 
> Sent: Friday, January 09, 2004 3:22 PM
> 
> On Friday 09 January 2004 14:59, Marc Samendinger wrote:
> 
> >  smtpd_sender_restrictions =
> >  	permit_mynetworks,
> >  	permit_sasl_authenticated,
> >  	reject
> 
> You would drop virtually all incoming mail from external, 
> non-authenticated 
> users to you. I can't imagine this is what you want. I think 
> the following 
> lines may be more appropriate:
> 
> smtpd_sender_restrictions =
> smtpd_recipient_restrictions =
> 	permit_mynetworks,
> 	permit_sasl_authenticated,
> 	permit_auth_destination,
> 	reject
> 
> The above translates to allow all 'MAIL FROM' sender 
> adresses, but only accept 
> 'RCPT TO' adresses if the client is from 'mynetworks', 
> 'sasl_authenticated' 
> or the recipient is in the list of domains for which we 
> recieve or relay 
> mail.

I really did not check the logic behind the restrictions
I just saw the "missing" commas and thought they were
needed but I checked again and see they are optional.

another suggestion to the smtpd_recipient_restrictions

smtpd_sender_restrictions =
smtpd_recipient_restrictions =
 	permit_mynetworks,
 	permit_sasl_authenticated,
 	reject_unauth_destination
 
> Best regards,
> Arjen

marc

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here