You are here

Mail server

Submitted by Alan Mels on Thu, 05/05/2022 - 19:01

Per https://serverfault.com/questions/1073807/how-to-prevent-unauthorized-ma...

  1. saslpasswd2 root

and per https://serverfault.com/questions/1075116/how-to-prevent-sasl-username-r...

Additionally, consider setting smtpd_sasl_auth_enable = no in main.cf and removing the first smtpd_sasl_auth_enable=yes up in your master.cf. Authentication is typically only desirable for services meant for submission (the line starting smtps inet and optionally submission inet), so it should be enabled only for one or two such services via master.cf. This would break clients that use port 25 to submit authenticated mail - but such clients configuration probably need review anyway if you are changing configuration.