I have a postfix server configured to require username/password when sending email, however I would like to block sending or telnet without authentication.
I can’t seem find any documentation how to achieve this or if it’s even possible.
You could add rules to the firewall to prohibit all outgoing connections on port 25, except from the user(s) you want to allow to send mail (at least whatever user Postfix runs as). It’s a little tricky to use
-m owner --uid-owner <UID> features with firewalld, but it can be done. Basically, you’d explicitly allow the users that can directly send mail (Postfix user, at least) and block all other outgoing port 25 traffic.
This has examples:
I’ve never done what you’re after, and I don’t know if I’d recommend it, but I guess if you don’t trust your users not to spam, then blocking them may be necessary (I would personally kick off users that spam…they’re just going to do some other awful thing; the kind of person that sends spam is going to ruin your day some other way and should be excised with haste).
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.