Hello, I am a bit puzzled by a "shortcoming" of my courier configuration.
My configuration: Auth is not required (obviously to allow for receiving mail from other servers), but unauthenticated relaying is disabled (to prevent spammers from using my server). Authentication itself is only possible over secure connections (SSL/TLS) and I have an SPF record (SoftFail*) in place and I employ spamassassin -- so far so good. Now I have noticed that it is possible to connect to my server via SMTP (obviously) and send mail to any valid account configured on the server (also comprehensible). Now if the "mail from:" reads something@<a foreign domain> and this domain has no SPF record in place, it is not my place to worry. I was, however, wondering if it is possible to prevent courier from accepting e-mails having an address @<my domain> declared in "mail from:". Currently spamassassin kicks in and correctly flags such mails as spam (SPF check also fails) but I was wondering if it is possible to make courier reject such mails directly. Best Regards, Bernd * I cannot employ a stricter SPF record (HardFail) as other mail servers are often configured in very bad ways, which would make forwarded mails bounce. Yahoo is a prime example of this behaviour, forcing me to only employ SoftFail. GMail on the other hand, does some clever header rewriting and causes no problems. ------------------------------------------------------------------------------ Slashdot TV. Videos for Nerds. Stuff that Matters. http://pubads.g.doubleclick.net/gampad/clk?id=160591471&iu=/4140/ostg.clktrk _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
