Fix Open Postfix Relay – Unauthenticated Email



If your mail server is left open, anyone can use your SMTP service to send mail, and spammers will use it. This can get your server blacklisted and wastes system resources on traffic that benefits neither you nor your users.

To secure Postfix, there are a number of settings you can add to the configuration file /etc/mail/main.cf. Edit the file and add the following lines:


smtpd_helo_required = yes
smtpd_delay_reject = no
disable_vrfy_command = yes

smtpd_helo_restrictions = permit_mynetworks,reject_invalid_hostname,reject_unknown_hostname,reject_non_fqdn_hostname

This will force incoming requests to pause and identify themselves before proceeding, and will allow properly authenticated users to pass through and send mail. To finish, save the file and restart Postfix:

/etc/init.d/postfix restart
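
To confirm that the edited file really carries the values listed above, here is an added example (not part of the original article) that audits a main.cf-style file. The function names `audit_main_cf` and `sample_main_cf` are hypothetical; the parser relies on two main.cf rules: a line starting with whitespace continues the previous line, and when a parameter is defined more than once, the last definition is the one Postfix uses.

```shell
# Added example: audit a main.cf-style file against the four settings above.
# Prints one line per setting; returns 0 if all match, 1 otherwise.
audit_main_cf() {
    awk '
    function store(line,    eq, name, val) {
        eq = index(line, "=")
        if (eq == 0) return
        name = substr(line, 1, eq - 1)
        val = substr(line, eq + 1)
        gsub(/[ \t]/, "", name)
        gsub(/[ \t,]+/, ",", val)       # list items may be split by commas or spaces
        sub(/^,/, "", val); sub(/,$/, "", val)
        conf[name] = val                # a later definition overrides an earlier one
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }   # comment or blank line
    /^[ \t]/ { cur = cur " " $0; next } # leading whitespace continues the previous line
    { if (cur != "") store(cur); cur = $0 }
    END {
        if (cur != "") store(cur)
        want["smtpd_helo_required"] = "yes"
        want["smtpd_delay_reject"] = "no"
        want["disable_vrfy_command"] = "yes"
        want["smtpd_helo_restrictions"] = "permit_mynetworks,reject_invalid_hostname,reject_unknown_hostname,reject_non_fqdn_hostname"
        n = split("smtpd_helo_required smtpd_delay_reject disable_vrfy_command smtpd_helo_restrictions", order, " ")
        for (i = 1; i <= n; i++) {
            k = order[i]
            if (!(k in conf)) { print "MISSING  " k; bad = 1 }
            else if (conf[k] != want[k]) { print "MISMATCH " k " = " conf[k]; bad = 1 }
            else print "OK       " k
        }
        exit bad + 0
    }' "$1"
}

# Constructed sample: the settings from this page, with one list wrapped onto
# continuation lines and a later duplicate that silently re-enables VRFY.
sample_main_cf() {
    cat <<'EOF'
# constructed sample, not a real server configuration
smtpd_helo_required = yes
smtpd_delay_reject = no
disable_vrfy_command = yes
smtpd_helo_restrictions = permit_mynetworks,
    reject_invalid_hostname, reject_unknown_hostname
    reject_non_fqdn_hostname
disable_vrfy_command = no
EOF
}
```

Point `audit_main_cf` at the file you edited before restarting Postfix. A MISMATCH for a setting you have just added typically points to a second definition further down the file.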