For some time now, I’ve been annoyed by spam mail claiming to come from my own domain.
I’m running my own mail server (postfix), so the solution should be simple, right?
I finally took the time to look into it. Using the big manual (google), I found a working solution.
In /etc/postfix/main.cf:
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access pcre:/etc/postfix/check_sender.pcre, ...
And then in /etc/postfix/check_sender.pcre I added the following line:
/@mydomain.com$/ REJECT Misuse of local recipient domain.
The system now correctly rejects mail that comes from the outside and tries to send as my own domain.
Thank you to Insyte at serverfault.com for the answer: SMTP-AUTH required for local domains?