info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Block incoming email for hosted domain if their not using local SMTP
11 views
Skip to first unread message
s...@novetys.com
Sep 1, 2016, 10:46:00 AM9/1/16
to
Hello,
I have a spoofing problem on a Zimbra Server
I have domain.tld hosted
I would like to deny all incoming emails from domain.tld if they are not using mynetwork or sasl authenticated
For the moment, i'm using sender_access :
domain.tld permit_mynetworks,permit_sasl_authenticated,reject
And i'm rewriting the From if the mail is not coming from domain.tld
/^From:[[:space:]]+.*<.*@domain\.tld>/ DUNNO
/^From:[[:space:]]+.*<(.*)>/ REPLACE From: -${1}- <${1}>
(User try to specify Name, and last name with another domain email address)
But, i've a problem with this solution .
If a user set a Return-Path different of the From, he can send the mail.
Exemple:
Return-Path: te...@domain.com
From: Name Lastname <te...@domain.tld>
It's possible to scan From header and not Return-Path, with smtp_sender_restrictions ?
Or their is another way to block From header if the user is not authenticated or in authorized IP ?
IF it's not possible, how can I put the Return-Path address to the From header ?
Thank you and sorry for my english
Regards
I have a spoofing problem on a Zimbra Server
I have domain.tld hosted
I would like to deny all incoming emails from domain.tld if they are not using mynetwork or sasl authenticated
For the moment, i'm using sender_access :
domain.tld permit_mynetworks,permit_sasl_authenticated,reject
And i'm rewriting the From if the mail is not coming from domain.tld
/^From:[[:space:]]+.*<.*@domain\.tld>/ DUNNO
/^From:[[:space:]]+.*<(.*)>/ REPLACE From: -${1}- <${1}>
(User try to specify Name, and last name with another domain email address)
But, i've a problem with this solution .
If a user set a Return-Path different of the From, he can send the mail.
Exemple:
Return-Path: te...@domain.com
From: Name Lastname <te...@domain.tld>
It's possible to scan From header and not Return-Path, with smtp_sender_restrictions ?
Or their is another way to block From header if the user is not authenticated or in authorized IP ?
IF it's not possible, how can I put the Return-Path address to the From header ?
Thank you and sorry for my english
Regards
0 new messages