Forum

This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Sentora Support Forums Sentora Forum Archives Sentora Public Support Forums v1.0.x Email Support v1.0.x v Require/force users use login/passwd

Require/force users use login/passwd
Shaggy Offline
Sentora Member
*
OS: Ubuntu 14/Slackware/zentyal
Version: ZPanel 10.1.1
Server: Dedicated
Posts: 5
Threads: 3
Joined: Jan 2015
Reputation: 0
Thanks: 0
Given 0 thank(s) in 0 post(s)
#1
Require/force users use login/passwd
 11-21-2015, 06:06 AM
I just installed sentora on a fresh vps to play around with and learn.

Something i found a bit disturbing is that out of the box sentora configs postfix to allow anyone to send email to your own domains.

For an example
domain.ltd is added
i create mailbox mail1@domain.ltd

by using a simple script iam now able to send spam from any host to my sentora as long as i send from mail1@domain.ltd and send to mail1@domain.ltd or well from mail1@domain.ltd to any existing email adress under domain.ltd

Is there a way to only accept outgoing mail from "clients" that been authenticated through sasl ?
Find
Reply
Thanks given by:
TGates Offline
Sentora Council - Head of Support Team
*******
OS: Ubuntu 20.04 LTS
Version: 2.0.2
Server: i7-6700K @ 4GHz, 8 cores 32GB Ram
Posts: 3 ,600
Threads: 233
Joined: May 2014
Reputation: 84
Sex: Male
Thanks: 393
Given 574 thank(s) in 442 post(s)
#2
RE: Require/force users use login/passwd
 11-22-2015, 05:18 AM
Hmm, sounds like more of a postfix issue than Sentora. We should check their site and see what they suggest and maybe add it into the installer Wink

Me.B
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE
Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Find
Reply
Thanks given by:
Me.B Offline
Sentora Freak
**
OS: Linux/windows
Version: 1.0.3
Server: Dedicated/VPS/Cloud
Posts: 4 ,004
Threads: 193
Joined: Jul 2014
Reputation: 83
Sex: Undisclosed
Thanks: 68
Given 433 thank(s) in 393 post(s)
#3
RE: Require/force users use login/passwd
 11-22-2015, 06:54 PM
but only script in the server are allowed. we might tune this to allow only authentificated users by default. That's the config I use.

Beside that you can change it in postfix.
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask
Freelance AWS Certified Architect & SysOps// DevOps

10$ free to start your VPS
Find
Reply
Thanks given by:
Shaggy Offline
Sentora Member
*
OS: Ubuntu 14/Slackware/zentyal
Version: ZPanel 10.1.1
Server: Dedicated
Posts: 5
Threads: 3
Joined: Jan 2015
Reputation: 0
Thanks: 0
Given 0 thank(s) in 0 post(s)
#4
RE: Require/force users use login/passwd
 11-23-2015, 05:10 AM (This post was last modified: 11-23-2015, 05:15 AM by Shaggy.)
(11-22-2015, 06:54 PM)Me.B Wrote: but only script in the server are allowed.  we might tune this to allow only authentificated users by default. That's the config I use.

Beside that you can change it in postfix.

Code:
smtpd_sender_restrictions = permit_sasl_authenticated,
                                reject_sender_login_mismatch,
                                reject_unlisted_sender,
                                permit
smtpd_recipient_restrictions = permit_sasl_authenticated,
                                reject_unauth_destination,
                                reject_non_fqdn_sender,
                                reject_non_fqdn_recipient,
                                reject_unknown_recipient_domain,
                                reject_rbl_client bl.spamcop.net,
                                reject_rbl_client b.barracudacentral.org,
                                reject_rbl_client zen.spamhaus.org,
                                reject_rbl_client dnsbl.sorbs.net,
                                check_policy_service unix:private/policy-spf

this is what i added from what i read it should not allow anyone to send mail w/o using login/pass
or did i mess something up ?
Find
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
Can't login to Roundcube (users table empty?!) amine 13 38 ,432 11-18-2016, 09:57 PM
Last Post: Me.B
I need help to create mass mailbox accounts for my users ashg1990 1 5 ,457 05-21-2016, 07:46 PM
Last Post: Me.B
Roundcube login failed Orangs 11 29 ,384 05-17-2016, 01:51 AM
Last Post: Me.B

Forum Jump:


Users browsing this thread: 1 Guest(s)