Based on the logs, is this mail coming from the outside, or is it coming
through your web application?
If it's coming from the outside, then fix your "mynetworks" setting in
main.cf.
It sounds as if it's coming from your web application (which is probably
sending directly through the sendmail executable). If so, at a minimum
it should apply some restrictions to only allow the appropriate recipients
and domains (including CC and BC's) and not somepoordude@aol.com. :-)
Perl has some nifty modules to sanitize user supplied e-mail addresses.
> Folks, I have been banging my head against a problem over the last few days.
> My web server uses postfix to send mail to other machines -- logs, mail sent
> from web forms, etc. It shouldn't need to accept or relay mail from the
> outside. Somehow it will accept mail on the nobody account and will relay
> to any cc or bcc addresses. That functionally allows spammers to relay
> through the server. I can't figure out how to turn this off. I thought I
> had shut off relaying in the main.cf file, but I must be missing something.
> Any ideas?
>
> Thanks,
>
> Stephen Ames
-- Matthew MoenIt's an old ASR adage that all OS's suck. Based on my recent experiences with three Linux distributions, Debian sucks like a straw in a tongue- cancer patient's mouth, Gentoo sucks like an Electrolux, and Redhat 9 sucks like a jet engine intake.
----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:15:59 EDT