postfix+dovecot发送邮件不验证,求解!!!!!!!
现在的一个测试邮件系统,使用postfix+dovecot+mysql做的,发现个问题是发送邮件时系统不进行用户认证,这不是openrelay了吗~NND~/etc/postfix/main.cf的部分配置
#====================SASL========================
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination,permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/run/dovecot/auth-client
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available"
下面是maillog日志:
Aug 25 10:07:01 linuxw postfix/smtpd: connect from unknown
Aug 25 10:07:01 linuxw postfix/smtpd: 18EC51F895C: client=unknown
Aug 25 10:07:01 linuxw postfix/cleanup: 18EC51F895C: message-id=<20110825100613.B811.CB72AC87@dltest.com>
Aug 25 10:07:01 linuxw postfix/qmgr: 18EC51F895C: from=<zhang.san@dltest.com>, size=958, nrcpt=1 (queue active)
Aug 25 10:07:01 linuxw postfix/smtpd: disconnect from unknown
Aug 25 10:07:01 linuxw postfix/virtual: 18EC51F895C: to=<yuangong2@dltest.com>, relay=virtual, delay=0.06, delays=0.06/0/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
在客户端一个伪造的邮件地址zhang.san@dltest.com就可以直接给真正的用户yuangong2@dltest.com发送邮件,根本不需要认证!!!!!
再贴一段maillog里收邮件是的log:
Aug 25 10:06:05 linuxw dovecot: pop3-login: Login: user=<yuangong1@dltest.com>, method=PLAIN, rip=192.168.183.28, lip=192.168.108.97
Aug 25 10:06:05 linuxw dovecot: POP3(yuangong1@dltest.com): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0
收邮件是正常要密码的~
页:
[1]
