增加防止发件人身份伪造的配置:
代码如下# smtpd related config
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
# reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname
smtpd_sender_restrictions =
permit_mynetworks,
check_recipient_access hash:/etc/postfix/local_recipient,
permit_sasl_authenticated,
reject_sender_login_mismatch,
reject_authenticated_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch,
reject_unknown_sender_domain
# SMTP AUTH config here
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
补充:
配置extmail不允许伪造不存在的本地邮件地址发邮件,不允许并仿冒他人邮件地址发送邮件
cd /etc/postfix/
cat >mysql_virtual_sender_maps.cf<
user = extmail
password = extmail
hosts = localhost
dbname = extmail
table = mailbox
select_field = username
where_field = username
additional_conditions = AND active = "1"
EOF
vim main.cf
smtpd_sender_login_maps =
mysql:/etc/postfix/mysql_virtual_sender_maps.cf
smtpd_sender_restrictions =
permit_mynetworks,
reject_sender_login_mismatch,
reject_authenticated_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch使配置生效
postfix reload