Hi,
i'm trying to configure my very first Postfix server.
Everything is working nice, with one exception - everyone can send messages
using my SMTP server without SASL authentication. Eg. when i use SMTP server
mail.domain.cz i can send message to someone@domain.cz. Of course, relaying
out is denied.
Some (important) lines from my main.cf:

smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes

smtpd_helo_required = yes
smtpd_helo_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_invalid_hostname
reject_non_fqdn_hostname
reject_unauth_pipelining

smtpd_sender_login_maps =
mysql:/etc/postfix/mysql-virtual-sender-login-map.cf
smtpd_sender_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_unknown_sender_domain
reject_non_fqdn_sender
reject_unauth_pipelining

smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
reject_non_fqdn_recipient
reject_unknown_recipient_domain

Adding reject_sender_login_mismatch to smtpd_sender_restrictions solved this
problem, but caused another one: Local users were unable to send messages to
own domains through other SMTP server, because they were known in
smtpd_sender_login_maps, but they weren't logged in (as they don't have
where to log in).

S i would really appreciate any advise about one of those things :-)

Thanks a lot