Bernd Prünster writes:
Now I have noticed that it is possible to connect to my server via SMTP (obviously) and send mail to any valid account configured on the server (also comprehensible). Now if the "mail from:" reads something@<a foreign domain> and this domain has no SPF record in place, it is not my place to worry. I was, however, wondering if it is possible to prevent courier from accepting e-mails having an address @<my domain> declared in "mail from:". Currently spamassassin kicks in and correctly flags such mails as spam (SPF check also fails) but I was wondering if it is possible to make courier reject such mails directly.
It should be possible to write a custom mail filter module that does this, but there is no built-in switch to readily do this.
* I cannot employ a stricter SPF record (HardFail) as other mail servers are often configured in very bad ways, which would make forwarded mails bounce. Yahoo is a prime example of this behaviour, forcing me to only employ SoftFail. GMail on the other hand, does some clever header rewriting and causes no problems.
You might want to investigate a split-DNS configuration.
pgpK3OpZsKHDz.pgp
Description: PGP signature
------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
