/dev/rob0:
[ Charset ISO-8859-1 converted... ]
> On Wed, Jul 20, 2016 at 10:05:38PM +0200, Dominik Chilla wrote:
> > On 20.07.2016 18:03, Wietse Venema wrote:
> > >Dominik Chilla:
>
> > >>my postfix setup (submission-relay only!) requires an
> > >>authenticated (SMTP-AUTH plain/login) sender. Further it checks
> > >>if the envelope-sender matches the authenticated user-id by using
> > >>sender_login_maps in conjunction with LDAP. In envelope context
> > >>this is a very usefull and important feature, but it doesn?t
> > >>prevent one to use a different email address in the RFC5322-From
> > >>header. So why not thinking about something like
> > >>rfc5322_from_login_maps?
> > >>
> > >>Alternatively a restriction
> > >>"reject_rfc5322_from_envelope_sender_mismatch" (or the like)
> > >>would be thinkable.
>
> > >Do you have a design for that? Note that most reject_mumble
> > >features are designed to block mail BEFORE the "DATA" command,
> > >whereas the message header is received AFTER the DATA command.
>
> > I'm aware of this fact, but what about smtpd_data_restrictions?
>
> You're thinking of smtpd_end_of_data_restrictions, but there still
> your idea has a problem: smtpd is not examining the DATA, but merely
> passing it along to cleanup(8). The cleanup service is where the
> only native Postfix content checking (header and body checks, see the
> header_checks(5) manual and BUILTIN_FILTER_README) is done.
Presumably this would be done in the cleanup daemon (compare
rfc5321.from with rfc5322.from). I don't think that 'it can be done
in Postfix' means that doing so is necessarily a good idea.
Wietse
