Hi, I have made my linux mail server from http://www.howtoforge.com/virtual_users_and_domains_with_postfix_debian_etch. Now I have a problem. Every day all the users receive an email like this: I have replaced my real domain with mydomain.com I don't know how to stop it. I've tried to send email from [email protected] to [email protected] without AUTH and it worked. How can I tel to postfix to require AUTH for all users, not only for the users that send email outside the domain? Thank you very much
It seems as if spammers are using one of your addresses as the sender address for their spam. This is possible even if they don't use your server to send their spam, and there's nothing you can do about it.
I got these on our servers mostly when they send a mail to [email protected] and FROM [email protected] .. also idd what falko says is true .. i just let those mails discard.. since then no more backscatter mails /etc/amavis/20-debian_defaults: $final_spam_destiny = D_DISCARD; // (default: BOUNCE)
All the users receive this kind of email. how could a spammer know all the passwords? Like a sad before if a send an email inside the domain without auth it works. How can I configure postfix to request auth even in the same domain like it do when relays outside the domain? Thanks
They don't know your password .. i can fake it to .. i just send an email to [email protected] with [email protected] as FROM address .. simple .. no need to use any authentication then.
I thinks I don't understand what do you mean because if I try to send a mail outside mydomain.com I can't and nobody can without authentication. So sending an email to [email protected] with [email protected] as FROM address is not possible. What I don't understand also is why when I send an email inside the domain I don't need authentication and how can I do to request authentication.
http://www.howtoforge.com/forums/showpost.php?p=214430&postcount=4 You can use whatever FROM address you like - it's a weakness in the SMTP protocol.
