How to stop mail from unknown domains?

Discussion in 'Installation/Configuration' started by fixallthisjunkguy, Jan 30, 2007.

  1. fixallthisjunkguy

    fixallthisjunkguy New Member

    I'm confused (go figure) on how to stop mail from sending over our smtp server that is from a domain that isn't our own? I've made it work before, but, it blocks mail that comes in from our salespeople who aren't inside of our network when they are sending mail. We used to use Mercury, and it had a nice little option that said "Do not permit relaying of non local mail". How do I make that work in here.

    Here's our postfix's file:

    # See /usr/share/postfix/ for a commented, more complete version

    # Debian specific: Specifying a file name will cause the first
    # line of that file to be used as the name. The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname

    smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.

    $myhostname = ****.com
    myhostname = ****.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = ****.com, ****.biz, mail.****.com, localhost.****.com, localhost, localhost.localdomain
    relayhost = mail.****.net
    mynetworks =,,
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    default_process_limit = 5
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The best way is to configure SMTP-auth for postfix and then set mynetworks = You will find detailed instructions for several linux distributions in the perfect setup guides here on howtoforge.

Share This Page