I’ve just found that some clever user is spoofing their sender email address. They’re relaying email through my office webmail, which I’ve maintained for years. So here’s the solution to stop a naughty user from sending their bulk email.
I’m using Postfix, so in main.cf I added a restriction class like this:
smtpd_restriction_classes = has_our_domain_as_sender
has_our_domain_as_sender = check_sender_access hash:/etc/postfix/mydomains, reject
In the mydomains file:
domain.com OK
domain.org OK
Don’t forget to postmap
# postmap mydomains
Now, in the smtpd_recipient_restrictions section, add this:
smtpd_recipient_restrictions =
    check_client_access hash:/etc/postfix/internal_networks,
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_unlisted_recipient,
    .......
In the internal_networks file:
127.0.0.1 has_our_domain_as_sender
192.168.1 has_our_domain_as_sender
192.168.2 has_our_domain_as_sender
As usual, don’t forget to postmap the file:
# postmap internal_networks
Reload postfix
# postfix reload
In the SquirrelMail config.php file:
$domain = 'domain.tld';
$imapServerAddress = 'localhost';
$imapPort = 143;
$useSendmail = false;
$smtpServerAddress = 'localhost';
$smtpPort = 25;
We’ve set $useSendmail to false because, when sendmail is used, email is injected directly into pickup and then cleanup, bypassing all smtpd_*_restrictions.
Done.
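To check which client and sender combinations the two tables above let through, here is an added Python sketch (not from the original setup and not Postfix code) that models check_client_access followed by the has_our_domain_as_sender class. It assumes lookups by client IP only and Postfix's default parent_domain_matches_subdomains, so a bare domain entry also covers its subdomains; the sample clients and senders are constructed.

```python
# Constructed copies of the two lookup tables from the post.
INTERNAL_NETWORKS = {
    "127.0.0.1": "has_our_domain_as_sender",
    "192.168.1": "has_our_domain_as_sender",
    "192.168.2": "has_our_domain_as_sender",
}
MYDOMAINS = {"domain.com": "OK", "domain.org": "OK"}


def client_keys(ip):
    """Keys tried for a client address: full address, then shorter octet prefixes."""
    octets = ip.split(".")
    return [".".join(octets[:n]) for n in range(len(octets), 0, -1)]


def sender_keys(sender):
    """Keys tried for a sender: user@domain, domain, then parent domains."""
    sender = sender.lower()
    domain = sender.rpartition("@")[2]
    labels = domain.split(".")
    return [sender] + [".".join(labels[i:]) for i in range(len(labels))]


def lookup(table, keys):
    """Return the first matching table value, or None (no match, like DUNNO)."""
    return next((table[k] for k in keys if k in table), None)


def decide(client_ip, sender):
    """Model check_client_access followed by the has_our_domain_as_sender class."""
    if lookup(INTERNAL_NETWORKS, client_keys(client_ip)) != "has_our_domain_as_sender":
        return "continue"  # client not listed: the remaining restrictions decide
    if lookup(MYDOMAINS, sender_keys(sender)) == "OK":
        return "permit"    # check_sender_access matched one of our domains
    return "reject"        # trailing "reject" in the restriction class


if __name__ == "__main__":
    samples = [  # constructed (client IP, MAIL FROM) pairs
        ("127.0.0.1", "alice@domain.com"),       # webmail, own domain
        ("127.0.0.1", "ceo@example.net"),        # webmail, spoofed sender
        ("192.168.2.40", "bob@mail.domain.org"), # LAN host, subdomain sender
        ("192.168.20.7", "bob@domain.org"),      # 192.168.20 is not 192.168.2
        ("203.0.113.9", "alice@domain.com"),     # outside client
    ]
    for ip, sender in samples:
        print(f"{ip:15} {sender:22} -> {decide(ip, sender)}")
```

The 192.168.20.7 case shows that the table keys match on whole octets, so 192.168.2 does not cover 192.168.20.x, and such a client is left to permit_mynetworks and the restrictions after it.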