Hello,
I have a spoofing problem on a Zimbra Server
I have domain.tld hosted
I would like to deny all incoming emails from domain.tld if they are not using mynetwork or sasl authenticated
For the moment, i'm using sender_access :
domain.tld permit_mynetworks,permit_sasl_authenticated,reject
And i'm rewriting the From if the mail is not coming from domain.tld
/^From:[[:space:]]+.*<.*@domain\.tld>/ DUNNO
/^From:[[:space:]]+.*<(.*)>/ REPLACE From: -${1}- <${1}>
(User try to specify Name, and last name with another domain email address)
But, i've a problem with this solution .
If a user set a Return-Path different of the From, he can send the mail.
Exemple:
Return-Path:
te...@domain.com
From: Name Lastname <te...@domain.tld>
It's possible to scan From header and not Return-Path, with smtp_sender_restrictions ?
Or their is another way to block From header if the user is not authenticated or in authorized IP ?
IF it's not possible, how can I put the Return-Path address to the From header ?
Thank you and sorry for my english
Regards