Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Linux (Debian/Ubuntu).

  1. For Postfix, restrict relay access in /etc/postfix/main.cf:

    smtpd_relay_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination

  2. Set your trusted network:

    mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

  3. Restart Postfix:

    sudo systemctl restart postfix

  4. Test with: telnet localhost 25 and attempt to relay to an external address.

Back to top