In Postfix MySQL ASLS certification, there is always a problem in the mail system to confuse me. That is Helo, Mail from deceived solution, I found a lot of articles online, I can't solve it. If I can find a big meal.
Workaround does not have two kinds
1. Find the related patch of the Postfix mail system
2, modify the part of the postfix___smtp for Helo, Mail from authentication, because Postfix has some check options, so it should be relatively simple when modified.
Specific problem description:
1. After the user telnet xxx.com 25, it is judged when he is Helo XXX.com.
2, when the user enters Mail from: user@domain.com, verify domain.com
Determine whether the two domain names are consistent with the IP of the user's currently connected, whether it is consistent with the current connection IP address after the reverse domain name, if the letter is allowed, otherwise it must be verified, which must be effectively blocked now Most mail systems exist free to input mail from, RCPT TO is our open forwarding.
Hosts in this case:
Http://www.amaxit.net/ This company has made an advertisement in http://www.chinaunix.om, I observe that after his demo system, there is still the same situation, and it can be used to log in to his host.
Telnet mail.pdfrip.com 25
After entering, you can forward the email, you can arbitrarily fabricate Helo Mail from even RCPT TO. . . Really ...
