InformationThe operating system must be configured to prevent unrestricted mail relaying.
If unrestricted mail relaying is permitted, unauthorized senders could use this host as a mail relay for the purpose of sending spam or other unauthorized activity.
SolutionIf postfix is installed, modify the /etc/postfix/main.cf file to restrict client connections to the local network with the following command:
# postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'
Or you can manually add this line by editing the file:
Example: vim /etc/postfix/main.cf
Add this line:
smtpd_client_restrictions = permit_mynetworks,reject
This Benchmark recommendation maps to:
Red Hat Enterprise Linux 7 Security Technical Implementation Guide:
Version 2, Release: 3 Benchmark Date: 26 Apr 2019
Vul ID: V-72297
Rule ID: SV-86921r3_rule
STIG ID: RHEL-07-040680
Severity: CAT II