Browse Source

Disallow unauthenticated senders

This stops unauthenticated users from sending unauthorized emails.

Example:

`swaks -t matteo@mail.saloniamatteo.top --header "Subject: Unauthorized Email" --body "This email should not go through." --server mail.saloniamatteo.top`

Before this patch, any user could run the command above, without any authentication, and the server would gladly accept the incoming mail.
Now, the email is rejected, and the email server only allows authenticated users.
pull/138/head
Salonia Matteo 3 years ago
committed by GitHub
parent
commit
c71fc4b097
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
  1. +1
    -0
      emailwiz.sh

+ 1
- 0
emailwiz.sh View File

@@ -81,6 +81,7 @@ postconf -e "smtpd_sasl_type = dovecot"
postconf -e "smtpd_sasl_path = private/auth"

# Sender and recipient restrictions
postconf -e "smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_unauth_pipelining, reject_non_fqdn_sender, reject_sender_login_mismatch, reject_authenticated_sender_login_mismatch, reject_known_sender_login_mismatch, reject_unauthenticated_sender_login_mismatch"
postconf -e "smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination"

# NOTE: the trailing slash here, or for any directory name in the home_mailbox


Loading…
Cancel
Save