Compromised web sites can be used to relay spam email. To limit that or track which web sites are being used to send spam, you can limit which users can us sendmail, you can do the following. As root:

• Create a file /etc/postfix/sendmailAllowedUsers, put

  user OK

  on a line for each allowed user. (I put one line in my file “root OK”  so only root can use sendmail)

• run

  postmap /etc/postfix/sendmailAllowedUsers

• Add the line

  authorized_submit_users = hash:/etc/postfix/sendmailAllowedUsers

  to /etc/postfix/main.cf

• run

  postfix reload

Only the users in the sendmailAllowedUsers file will be able to send email

If your web sites need to be able to send mail:

• Create user accounts for each web site. You can use the same account that is set up for the user to ftp their web site in place

• yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-plain cyrus-sasl-sql

• If you are using Centos 7 execute

  systemctl enable saslauthd && systemctl start saslauthd

• If you are using Centos 6 execute

  chkconfig saslauthd on && service saslauthd start

• Add the following line to main.cf

• smtpd_sasl_auth_enable = yes

• run

  postfix reload

Now, the users can connect to the SMTP server running on 127.0.0.1 port 25 – and they will have to authenticate to send email. The server administrator will be able to track who is sending email by looking at the /var/log/maillog

Last Updated on March 12, 2017 at 1:57 pm