How to force Postfix SMTP to use AUTH (SASL?) and reject anonymous connections?

postfix smtp sasl

9,283

Ok, it seems, i have to also add this:

smtpd_delay_reject = yes
smtpd_client_restrictions = permit_sasl_authenticated, reject

as stated here: http://www.postfix.org/postconf.5.html under smtpd_sasl_auth_enable

9,283

Updated on September 18, 2022

luky almost 2 years
The following snippet has been added to the main.cf file of postfix:
```
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_sasl_security_options = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
```
I am bit confused, why there is sometimes "smtp" and sometimes "smptd" in the parameters above, but I guess the current one names are correct.

Why is it possible to connect to SMTP without AUTH although I specified the parameters above, and they should force the SMTP client to AUTH?

I would like to reject anonymous connections.
- luky about 9 years
  
  hi Julian, thank you for your answer, i am using it already, but thanks
- Jaime Hablutzel over 6 years
  
  Why is this question closed as off-topic?.
alphamikevictor about 9 years

That's the key, reject all unauthenticated attempts to deliver mail to Postfix :)
luky about 9 years

uff.. you are right, delivering from outside now doesnt work. i thought this settings is for SMTP (send mail server) so why it affects incoming of mails.. how should i manage it?
MadHatter about 9 years

You should edit this into your earlier answer, and delete this one: answering your own question twice isn't good practice.
masegaloeh about 9 years

You can always edit your earlier answer. No need two create new answer.