DevHeads.net

Reply to comment

Re: Question about reject_unauthenticated_sender_login_mismatch

by

OK, I missed the first one in the doc, so it makes sense.

only"

FROM

Sorry, I mis-asked the question. When
reject_authenticated_sender_login_mismatch is specified, postfix takes
the
MAIL FROM address, looks it up in the smtpd_sender_login_maps table, and
checks to make sure the authenticated sender is in there and the MAIL
FROM
address is owned by the authenticated sender.
So....

When a sender is not authenticated, and
reject_unauthenticated_sender_login_mismatch is specified, postfix takes
the MAIL FROM address, looks it up in smtpd_sender_login_maps and if
it's
found, the message is rejected?

Essentially the lookup is just for the existence of the MAIL FROM
address
in the smtpd_sender_login_maps table?

Am I then correct in concluding that with:

smtpd_sender_restrictions = permit_sasl_authenticated,
reject_authenticated_sender_login_mismatch, reject

that the permit_sasl_autheticated obviates the need for
reject_unauthenticated_sender_login_mismatch?
(as there would never be an unauthenticated sender permitted...)

And am I also correct in concluding that is unauthenticated senders were
allowed (as they would have to be for smtpd to accept messages from the
internet), that reject_unauthenticated_sender_login_mismatch would
prevent
any non-authenticated sender from sending a message from (with MAIL
FROM)
any address listed in my smtpd_sender_login_maps?

That makes perfect sense.

As you see, I'm more interested in whether
reject_unauthenticated_sender_login_mismatch makes sense at all for my
setup and if so, in which context. If my two conclusions above are
correct,
it makes sense on the general access service, but not on the submission
service.

Thank you so much for your help!!

Reply