postfix allows mail relaying for any random subdomains
by vincix from LinuxQuestions.org on (#51H1X)
I'm running a postfix send-only mail relay (postfix-3.4.5) with restrictions per IPs (my networks, that is to say) and a restriction for domains that can be used to send e-mails for.
The latter is being enforced using the following directive:
Code:smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_sender_access hash:/etc/postfix/allowed_senders, reject/etc/postfix/allowed_senders (already mapped to db)
Code:domain.eu OK
domain.com OK
example.de OKThe problem is that postfix also accepts the relay of e-mails for any random subdomains of these main domains and I haven't yet found a solution for rejecting this.
This works when I enforce login maps, for instance, so that certain users can send e-mails using only certain e-mail addresses, but this mail relay is configured differently and I would have expected being able to allow only the domains I'm specifying, and not any other subdomains.
Any ideas?
The latter is being enforced using the following directive:
Code:smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_sender_access hash:/etc/postfix/allowed_senders, reject/etc/postfix/allowed_senders (already mapped to db)
Code:domain.eu OK
domain.com OK
example.de OKThe problem is that postfix also accepts the relay of e-mails for any random subdomains of these main domains and I haven't yet found a solution for rejecting this.
This works when I enforce login maps, for instance, so that certain users can send e-mails using only certain e-mail addresses, but this mail relay is configured differently and I would have expected being able to allow only the domains I'm specifying, and not any other subdomains.
Any ideas?