postfix authentication

Discussion in 'Server Operation' started by sudip, Feb 5, 2013.

  1. sudip

    sudip New Member

    Hi,
    I am administering a server and I must accept that I am a total newbie. I have followed the "The Perfect Server – CentOS 6.3 x86_64 (Apache2, Dovecot, ISPConfig 3)" to set up the server. Everything is OK in it; we do not have any problem in sending/receiving mail except that Postfix is allowing mails within the same domain without authentication.
    Example: my domain is xyz.com and I have two mailboxes, [email protected] and [email protected]. Now in the mail client (Thunderbird) of [email protected], I have given the SMTP authentication method as "no authentication" and [email protected] is trying to send a mail to [email protected]; still the mail is getting delivered. Can you please guide me or point me to the setting which might be causing it?

    This is my output of postconf -n. In the result I have just modified myhostname and smtp_bind_address.

    alias_database = hash:/etc/aliases
    alias_maps = hash:/etc/aliases
    body_checks = regexp:/etc/postfix/body_checks
    bounce_queue_lifetime = 1d
    broken_sasl_auth_clients = yes
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    content_filter = amavis:[127.0.0.1]:10024
    daemon_directory = /usr/libexec/postfix
    data_directory = /var/lib/postfix
    debug_peer_level = 2
    default_process_limit = 50
    header_checks = regexp:/etc/postfix/header_checks
    html_directory = no
    inet_interfaces = all
    inet_protocols = ipv4
    mail_owner = postfix
    mailbox_size_limit = 0
    mailq_path = /usr/bin/mailq.postfix
    manpage_directory = /usr/share/man
    maximal_queue_lifetime = 1d
    message_size_limit = 0
    milter_default_action = accept
    milter_protocol = 2
    mime_header_checks = regexp:/etc/postfix/mime_header_checks
    mydestination = localhost, localhost.localdomain
    myhostname = xyz.com
    mynetworks = 127.0.0.0/8 [::1]/128
    nested_header_checks = regexp:/etc/postfix/nested_header_checks
    newaliases_path = /usr/bin/newaliases.postfix
    non_smtpd_milters = $smtpd_milters
    proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
    queue_directory = /var/spool/postfix
    queue_run_delay = 15m
    readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
    receive_override_options = no_address_mappings
    relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
    relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
    relayhost =
    sample_directory = /usr/share/doc/postfix-2.6.6/samples
    sendmail_path = /usr/sbin/sendmail.postfix
    setgid_group = postdrop
    smtp_bind_address = x.x.x.x
    smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
    smtpd_milters = inet:127.0.0.1:8891
    smtpd_recipient_restrictions = reject_unauth_pipelining,permit_mynetworks,permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination
    smtpd_reject_unlisted_sender = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = yes
    smtpd_sasl_path = private/auth
    smtpd_sasl_type = dovecot
    smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
    smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl1/startssl.chain.class1.server.crt
    smtpd_tls_cert_file = /etc/postfix/smtpd.cert
    smtpd_tls_key_file = /etc/postfix/smtpd.key
    smtpd_tls_security_level = may
    smtpd_use_tls = yes
    transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
    unknown_local_recipient_reject_code = 550
    virtual_alias_domains =
    virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
    virtual_gid_maps = static:5000
    virtual_mailbox_base = /var/vmail
    virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
    virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
    virtual_transport = dovecot
    virtual_uid_maps = static:5000


    Thanks in advance
    Sudip
     
  2. falko

    falko Super Moderator Howtoforge Staff

  3. sudip

    sudip New Member

    Hi falko
    Thanks for the reply.
    But in my case, the IP from which the mail is coming is not listed in mynetworks.
    And I did not understand what you meant by rdcipient.

    The recipients of the mails which are coming unauthorized are all virtual mailboxes.
    And just today I had to remove the setting smtpd_reject_unlisted_sender = yes, otherwise all the system mails were getting blocked.

    Thanks
    Sudip
     
  4. falko

    falko Super Moderator Howtoforge Staff

    A typo. I meant recipient.
     
  5. sudip

    sudip New Member

    Then isn't that a security issue? That means I can send mails to any user in our domain and that mail might look as if it has been sent by our MD. I can then send any type of mail to [email protected] and [email protected] will think that the mail has been sent by [email protected], but in reality the mail has actually been sent by [email protected] - but there is no reference to [email protected] in the mail.

    :confused:

    Sudip
     
  6. falko

    falko Super Moderator Howtoforge Staff

    A weakness of the SMTP protocol - you can use fake sender addresses.
     
  7. sudip

    sudip New Member

    Sorry Falko but I can not agree with that.
    I have another domain which is not on this dedicated server, but is on shared hosting on a Windows server of ixwebhosing.com.
    When I am trying to send mail to one of the mailboxes of this domain using a fake and nonexistent userid of the same domain, the mail server is not allowing me to send it.
    And that is also the SMTP protocol.
     
  8. falko

    falko Super Moderator Howtoforge Staff

    Yes, but try to send to a domain that is not on this server...
     
  9. sudip

    sudip New Member

    Hi Falko
    I think you misunderstood my first post (the original post with the problem).

    This is the problem that I am facing on the dedicated server - I am able to send mail to one of the mailboxes of this domain using a fake and nonexistent userid of the same domain.
    The shared Windows hosting server is not allowing it, but the dedicated server (The Perfect Server – CentOS 6.3 x86_64 (Apache2, Dovecot, ISPConfig 3)) is allowing it.

    This has to be some of the settings.

    Thanks in advance.
    Sudip
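
Added example, not part of the original thread and not Postfix or ISPConfig code: a simplified Python model of how Postfix walks the posted smtpd_recipient_restrictions list, showing why an unauthenticated client outside mynetworks can still deliver to a hosted mailbox, and how Postfix's reject_unauthenticated_sender_login_mismatch restriction changes the result. The addresses, client IP, sender-login map contents and the HARDENED ordering are constructed assumptions; reject_unauth_pipelining and check_recipient_access are modelled as returning no decision.

```python
import ipaddress

# Constructed values modelled on the posted `postconf -n` output.
MYNETWORKS = ["127.0.0.0/8", "::1/128"]
LOCAL_DOMAINS = {"xyz.com"}  # stands in for the virtual_mailbox_domains lookup
# Hypothetical smtpd_sender_login_maps keys (the posted config sets no such map).
SENDER_LOGIN_MAP = {"user1@xyz.com", "user2@xyz.com"}

POSTED = ["reject_unauth_pipelining", "permit_mynetworks",
          "permit_sasl_authenticated", "check_recipient_access",
          "reject_unauth_destination"]
# Assumed hardening: check the envelope sender once both permits have passed.
HARDENED = POSTED[:3] + ["reject_unauthenticated_sender_login_mismatch"] + POSTED[3:]


def evaluate(restrictions, client_ip, sasl_user, mail_from, rcpt_to):
    """Walk the list left to right; the first permit or reject decides."""
    ip = ipaddress.ip_address(client_ip)
    rcpt_domain = rcpt_to.rsplit("@", 1)[1].lower()
    for name in restrictions:
        if name == "permit_mynetworks":
            if any(ip in ipaddress.ip_network(net) for net in MYNETWORKS):
                return "permit"
        elif name == "permit_sasl_authenticated":
            if sasl_user:
                return "permit"
        elif name == "reject_unauth_destination":
            # Blocks relaying only: mail for a domain hosted here falls through.
            if rcpt_domain not in LOCAL_DOMAINS:
                return "reject: " + name
        elif name == "reject_unauthenticated_sender_login_mismatch":
            # Sender address has an owner, but the client never logged in.
            if not sasl_user and mail_from.lower() in SENDER_LOGIN_MAP:
                return "reject: " + name
        # reject_unauth_pipelining and check_recipient_access: no decision here
    return "permit"  # end of list reached, so the recipient is accepted


if __name__ == "__main__":
    case = ("203.0.113.7", None, "user1@xyz.com", "user2@xyz.com")
    print("posted:  ", evaluate(POSTED, *case))
    print("hardened:", evaluate(HARDENED, *case))
```

On a real server the restriction only acts on sender addresses found in smtpd_sender_login_maps, a parameter that does not appear in the posted postconf -n output.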
     
