Postfix -> How stop forged MAIL FROM: for authenticated users

Discussion in 'Tips/Tricks/Mods' started by pititis, Dec 28, 2011.

  1. pititis

    pititis Member

    Hi,

    Frist,

    add to main.cf :

    Code:
    smtpd_sender_login_maps = regexp:/etc/postfix/login_maps.regexp
    smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, ... 
    
    where ... are the rest of options for smtpd_sender_restrictions

    Second:

    Create the file /etc/postfix/login_maps.regexp and add inside:

    Code:
    /^(.*)$/
    
    and.. reload postfix

    Now if an authenticated user try to change MAIL FROM:, will get:


    Code:
    
    connect from xxx[xxx]
    Dec 28 17:46:35 server postfix/smtpd[2238]: NOQUEUE: reject: RCPT from xxx[66.66.66.66]: 553 5.7.1 <info@domain.com>: Sender address rejected: not owned by user admin@otherdomain.com; from=<info@domain.com> to=<webmaster@example.com> proto=ESMTP helo=<xxxt>
    Cheers
     

Share This Page