On Fri Feb 21, 2025 at 07:28:47PM +0100, Stéphane Guedon wrote:
I receive once in a while mail pretending to come from my own domain.
To stop that I the last two lines of my config are:
match !from src <myaddrs> mail-from "@my.domain" for any reject
match from any for domain <mydomains> action "local_mail"
where <myaddrs> is a table of IP addresses my.domain is allowed to send
from, and <mydomains> is a table of domains I accept mail for.
I wish that one could use the following:
match !from src <myaddrs> from domain <domains> for any reject
But that is not supported. Hence the specifically named domain, which
you could use multiple times I guess:
match !from src <myaddrs> mail-from "@my.domain1" for any reject
match !from src <myaddrs> mail-from "@my.domain2" for any reject
Better would be to reject mails based on Sender Policy Framework
lookups, but I haven't found the ideal (or rather Debian-integrated)
plugin yet.
--
Mark Lawrence
