1 Topic by tapp

  • tapp
  • Member
  • Offline
  • Registered: 2017-02-24
  • Posts: 13

Topic: Recipient address rejected: Policy rejecion not logged in

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.6
- Linux/BSD distribution name and version: Centos 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? no
- Related log if you're reporting an issue:
====
Hello,
I've applied the fix proposed in this post: http://www.iredmail.org/forum/topic1113 … ed-in.html (I mean removing the reject_sender_login_mismatch plugin from iredapd and adding reject_sender_login_mismatch to the smtpd_sender_restrictions section in main.cf).
However, I'm not sure about the security implications of applying these two changes. Is it security on the server downgraded due to having applied them?
Thanks in advance for your attention.
Best regards,

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Recipient address rejected: Policy rejecion not logged in

If sender and recipient addresses are under same domain, Postfix restriction rule "reject_sender_login_mismatch" doesn't check whether the sender performed smtp auth and won't reject it if it's a forged email.