Discussion in 'Installation/Configuration' started by iovo, Nov 8, 2006.

  1. iovo

    iovo New Member

    i want to make some restriction.
    i've ISPConfig instaled and work very good, but i have some sequrity hole.
    when i use php mail() from other server i can send e-mail!!!
    here is php simple code:

    mail('[email protected]', $subject, $message, $headers );

    How can i restrict that!?
    i've found somthing about this problem in internet, but i don't know that it is right:

    smtpd_recipient_restrictions =
    check_client_access hash:/etc/postfix/client_access
    if this work, how can i maket it work with ISPConfig installation

  2. fobicodam

    fobicodam ISPConfig Developer ISPConfig Developer

    Almost sure your other server is inside your network, did you try from outside your network?
  3. iovo

    iovo New Member

    Yes i did. I'm sure about that.
  4. fobicodam

    fobicodam ISPConfig Developer ISPConfig Developer

    Did you follow the perfect setup steps?

    The commands must be on /etc/postfix/postfix.conf (i believe) and the perfect setup put this lines inside.
  5. Hans

    Hans Moderator ISPConfig Developer


    If i was you add the line:

    mynetworks =

    to your file.

    (If it is not there)

    This will allow email sending only from the network configured in the variable mynetworks. This is normally set to which means sending is only allowed from localhost.
  6. iovo

    iovo New Member

    readme_directory = /usr/share/doc/packages/postfix/README_FILES
    inet_protocols = all
    biff = no
    mydomain =
    myhostname = $mydomain
    smtpd_sasl_local_domain = $mydomain
    smtpd_sasl_auth_enable = yes
    mynetworks =
    smtpd_client_restrictions = permit_mynetworks
    smtpd_delay_reject = no

    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
    inet_interfaces = all
    alias_maps = hash:/etc/aliases
    smtpd_tls_auth_only = yes
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    masquerade_domains = $mydomain

    here is my

    everything is as perfect setup
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats correct so far. Please check with a relay test if your server is really relaying mail:

    Please post the output of:

    postconf -n | grep mynetworks

Share This Page