OK, I missed the first one in the doc, so it makes sense.
Sorry, I mis-asked the question. When
reject_authenticated_sender_login_mismatch is specified, postfix takes
MAIL FROM address, looks it up in the smtpd_sender_login_maps table, and
checks to make sure the authenticated sender is in there and the MAIL
address is owned by the authenticated sender.
When a sender is not authenticated, and
reject_unauthenticated_sender_login_mismatch is specified, postfix takes
the MAIL FROM address, looks it up in smtpd_sender_login_maps and if
found, the message is rejected?
Essentially the lookup is just for the existence of the MAIL FROM
in the smtpd_sender_login_maps table?
Am I then correct in concluding that with:
smtpd_sender_restrictions = permit_sasl_authenticated,
that the permit_sasl_autheticated obviates the need for
(as there would never be an unauthenticated sender permitted...)
And am I also correct in concluding that is unauthenticated senders were
allowed (as they would have to be for smtpd to accept messages from the
internet), that reject_unauthenticated_sender_login_mismatch would
any non-authenticated sender from sending a message from (with MAIL
any address listed in my smtpd_sender_login_maps?
That makes perfect sense.
As you see, I'm more interested in whether
reject_unauthenticated_sender_login_mismatch makes sense at all for my
setup and if so, in which context. If my two conclusions above are
it makes sense on the general access service, but not on the submission
Thank you so much for your help!!
|How to block bogus localhost.localdomain/127.0.0.1 (helo_access)||21|
|file mailing utility?||2|
|rejecting an invalid return path||5|
|mailbox integration questions||4|
|Postfix : Can't read SMFIC_BODYEOB reply packet header: Connection timed out||0|
|Postfix cluster fail-over||7|
|some user must send email only mydomain||1|
|new server wanting to specify dnsbl's||2|