Originally Posted by falko
There are two scenarios where users don't have to authenticate:
1) You send to a rdcipient who is on the server.
2) You send from a client whose IP is listed in mynetworks in /etc/postfix/main.cf.
For the 2nd scenario, it is likely for those who are logged into the system (as mynetworks specifies 127.0.0.1/8)
But for the 1st one, although i've placed some restrictions on client (like, client must be from user list), chances are that somebody who knows the emails of some users within the server still use them to spam the server itself. In this case, is it possible to force smtp authentication to any user who wants to use smtp service? (like Gmail, it forces its users to authenticate themselves before doing anything)