Originally Posted by till
This is no issue with the server, it is the normal way smtp servers work. Your server setup is absolutely fine.
Thank you for the reply!
Actually this answers my first question. I understood by now that the server setup is fine. As a matter of fact I can send/receive mail to/from any domain with a registered MX, the server requires auth before sending emails to other domains than declared in "mynetworks", multidomain works fine, etc.
But, regarding the general purpose of ISPConfig to be able to set up multiple domains for different clients on the same server (e.g. example1.ltd and example2.ltd), it doesn't strike me as a normal and recommended configuration when a registered user - firstname.lastname@example.org can send an email anywhere as the email@example.com for example. And yes, I know this is the way NORMAL SMTP servers are working, but they shouldn't - and this must be configurable/stopped if we want to.
I got the header from one of those emails. Here I could still see my real SMTP firstname.lastname@example.org. But concerning Gmail, Yahoo and even regular desktop clients, they show by default only the user declared sender address email@example.com
From - Mon Feb 8 15:13:25 2010
Received: from localhost (unknown [127.0.0.1])
by localhost (Postfix) with ESMTP id 80051C4705
for <firstname.lastname@example.org>; Mon, 8 Feb 2010 13:12:13 +0000 (UTC)
X-Virus-Scanned: amavisd-new at localhost
Received: from localhost ([127.0.0.1])
by localhost (there.ro [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
id TowsyWQRHiDX for <email@example.com>;
Mon, 8 Feb 2010 15:12:02 +0200 (EET)
Received: from [10.81.42.54] (unknown [22.214.171.124])
(Authenticated sender: firstname.lastname@example.org)
by localhost (Postfix) with ESMTPSA id 8E40CC4686
for <email@example.com>; Mon, 8 Feb 2010 15:12:02 +0200 (EET)
Date: Mon, 08 Feb 2010 15:12:53 +0200
From: My Name <firstname.lastname@example.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:126.96.36.199) Gecko/20100120 Fedora/3.0.1-1.fc12 Thunderbird/3.0.1
To: Destination <email@example.com>
Subject: Test for different sender address then authentificated sender
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
To make matters worse, with the default setup, following /etc/Postfix/main.cf, a user can send unauthenticated messages to users registered at "mynetworks". In this case ANYONE can send an email to firstname.lastname@example.org - using its smtp server - impersonating email@example.com and to be honest I almost never check the message header when it is being pushed to my mobile or desktop client.
I know this may not be an ISPConfig problem, but it should raise some questions about filtering these mails. That's why I asked for help through the second question.
As dipeshmehta suggested, the answer might be in altering the header through address rewriting, which I'm not familiar with. I think one can put a rule that if firstname.lastname@example.org is not equal to email@example.com Postfix should not deliver the message to its recipients.
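
The kind of rule asked for above can be sketched with Postfix's sender/login binding. This is an added example, not configuration posted in this thread or shipped by ISPConfig; the table path, the hash: table type and the sample addresses are assumptions. It binds the envelope sender (MAIL FROM) to the SASL login, not the From: header that mail clients display.

```conf
# /etc/postfix/main.cf fragment (added example; merge with the settings already in place)

# Lookup table: envelope sender address -> SASL login name(s) allowed to use it.
# Assumption: a flat hash: table at this path, compiled with
#   postmap /etc/postfix/sender_login_maps
# Constructed sample entries (left = MAIL FROM address, right = SASL login):
#   alice@example1.ltd    alice@example1.ltd
#   bob@example2.ltd      bob@example2.ltd
#   sales@example2.ltd    bob@example2.ltd
smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps

# reject_sender_login_mismatch rejects:
#   - an authenticated client whose MAIL FROM address is owned by a different
#     login in the table (bob sending as alice@example1.ltd), and
#   - an unauthenticated client whose MAIL FROM address has an owner in the table.
# Keep it ahead of any permit_* entry, then list the restrictions already configured.
smtpd_sender_restrictions =
    reject_sender_login_mismatch
```

After `postfix reload`, a mismatching MAIL FROM is refused at SMTP time. Because the unauthenticated half also rejects outside mail that carries a local address as envelope sender, check forwarders and mailing lists before enabling it; `reject_authenticated_sender_login_mismatch` applies only the first half.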