Re: avoid external emails that the from=< and the to=< are the same user
El 16/11/2018 a las 15:41, Wietse Venema escribió:
Francesc Pe?alvez:
Lately we are receiving spam mails that apparently the mail from the and
the to is the same. How is it possible to avoid this?. I have configured
postfix to avoid the relay of emails and to be able to send mail through
my postfix is necessary the auth , these emails are sent externally from
several ips and seeing the logs of those emails are not authenticated
Postfix 3.0 and later:
/etc/postfix/main.cf:
smtpd_sender_restrictions =
permit_mynetworks
permit_sasl_authenticated
check_sender_access inline:{
{ example.com = REJECT local sender from unauthorized client }
{ other.example = REJECT local sender from unauthorized client }
}
Instead of example.com and other.example, specify your email domains.
Note: this breaks email from remote mail forwarders or from remote
distribution lists that don't reset the sender address.
Wietse
thank you I had debian jessie and I was unable to update postfix with
tls and sasl so I had to update debian to get postfix 3.x and it worked
correctly your solution
--
*
Este mensaje y todos los archivos adjuntos son confidenciales y de uso
exclusivo por parte
de su/sus destinatario/s. Si usted ha recibido este mensaje por error, le
agradecemos que
lo notifique inmediatamente al remitente y destruya el mensaje. Queda prohibida
cualquier
modificación, edición, uso o divulgación no autorizados. El Emisor no se hace
responsable
de este mensaje si ha sido modificado, distorsionado, falsificado, infectado
por un virus o
editado o difundido sin autorización.
***
This message and any attachments are confidential and intended for the named
addressee(s) only.
If you have received this message in error, please notify immediately the
sender, then delete
the message. Any unauthorized modification, edition, use or dissemination is
prohibited.
The sender shall not be liable for this message if it has been modified,
altered, falsified, infected
by a virus or even edited or disseminated without authorization.
***
smime.p7s
Description: Firma criptográfica S/MIME
Re: avoid external emails that the from=< and the to=< are the same user
Francesc Pe?alvez:
> Lately we are receiving spam mails that apparently the mail from the and
> the to is the same. How is it possible to avoid this?. I have configured
> postfix to avoid the relay of emails and to be able to send mail through
> my postfix is necessary the auth , these emails are sent externally from
> several ips and seeing the logs of those emails are not authenticated
Postfix 3.0 and later:
/etc/postfix/main.cf:
smtpd_sender_restrictions =
permit_mynetworks
permit_sasl_authenticated
check_sender_access inline:{
{ example.com = REJECT local sender from unauthorized client }
{ other.example = REJECT local sender from unauthorized client }
}
Instead of example.com and other.example, specify your email domains.
Note: this breaks email from remote mail forwarders or from remote
distribution lists that don't reset the sender address.
Wietse
Re: avoid external emails that the from=< and the to=< are the same user
On Fri, 16 Nov 2018 at 13:20, Francesc Peñalvez wrote: > > Lately we are receiving spam mails that apparently the mail from the and > the to is the same. How is it possible to avoid this?. I have configured > postfix to avoid the relay of emails and to be able to send mail through > my postfix is necessary the auth , these emails are sent externally from > several ips and seeing the logs of those emails are not authenticated SpamAssassin 3.4.2 has the FromNameSpoof Plugin which should help. You can also write your own header_checks test like this (which is broader than your use case): if /^From:/ # emails from our domains and some others are not subject to restrictions here /((mydomain1\.tld|mydomain2\.tld)>?\s*$/ DUNNO # but try to block emails that pretend to be from us # (a) e.g. From: domi...@mydomain1.tld /^(.*mydomain1\.tld"? <.*)$/ REJECT From header impersonation type 1 # (b) e.g. From: Dominic Raferd if /^From: ?(Mr?s? )?(D(ominic)?.*Raferd)/ # but allow some exceptions... e.g. apple, launchpad !/(@bugs\.launchpad\.net|noreply@email\.apple\.com)>?\s*$/ REJECT From header impersonation type 2 endif
