It's known that users can provide any email in From: field. I need to prevent it by rewriting it to email used in authorization procedure. Is it possible to do in postfix? Or may be other MTA?
Asked
Active
Viewed 294 times
1 Answers
3
Yes smtpd_sender_restrictions to include reject_sender_login_mismatch or reject_authenticated_sender_login_mismatch along with any other restrictions you put in place (order does matter).
The table doesn't have to be hash and probably shouldn't be. If your setup is rather simple you will want PCRE or regex. More complicated setups use ldap, mysql,PostgreSQL or SQLite.
You can also mix and match, but do so with caution and proper testing postmap -q.
Depending how your clients are setup you may need to set smtpd_sasl_local_domain.
Additional examples: http://www.postfix.org/SASL_README.html#server_sasl_authz
84104
- 12,905
- 6
- 45
- 76
-
1Yes, it is better do REJECT a bad sender instead of rewriting it to a good one. – mailq Aug 07 '12 at 20:00