Block forged addresses

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Block forged addresses

rightkicktech.gmail.com
Hi all,

I was wondering what choices are there to block forged sender email addresses.

I was thinking SPF could assist.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Block forged addresses

Benny Pedersen-2
Abi Askushi skrev den 2017-07-14 11:28:

> Do you have any other suggestion?

i do it with reject_sender_access from virtual alias maps after
permit_sasl_authenticated

real users can still use there sender alias without any issue, but no
forged is now possible

tested it with postfixadmin as backend it was a simple one more mysql
map to make it, but it would work with any maps postfix support
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Block forged addresses

allenc
In reply to this post by rightkicktech.gmail.com


On 14/07/17 10:28, Abi Askushi wrote:

> Hi all,
>
> I was wondering what choices are there to block forged sender email
> addresses.
>
> I was thinking SPF could assist.
> The other option I saw is reject_sender_login_mismatch in postfix. *
> *
> Do you have any other suggestion?
>
> Many thanx
> Abi*
> *

Some while ago I created a file to kill inbound spam from non-existent
users such as "accounts" or "help-desk":-

hash:/etc/postfix/valid_users:
[hidden email]    DUNNO
[hidden email]    DUNNO
example.com                REJECT Invalid address

and in main.cf:
check_sender_access hash:/etc/postfix/valid_users

The file gets auto-recompiled whenever the alias files change.

Also, when used with check_recipient_access  hash:/etc/postfix/valid_users,
it kills off any log-in identities which I don't want to use as an email
addresses.

hope this helps


Allen C





Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Block forged addresses

rightkicktech.gmail.com
In reply to this post by Benny Pedersen-2
Thank you Benny for the suggestion.
Do you have any working example? Will this be a file with regex?

Thanx,
Abi

On Fri, Jul 14, 2017 at 12:50 PM, Benny Pedersen <[hidden email]> wrote:
Abi Askushi skrev den 2017-07-14 11:28:

Do you have any other suggestion?

i do it with reject_sender_access from virtual alias maps after permit_sasl_authenticated

real users can still use there sender alias without any issue, but no forged is now possible

tested it with postfixadmin as backend it was a simple one more mysql map to make it, but it would work with any maps postfix support

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Block forged addresses

Benny Pedersen-2
Abi Askushi skrev den 2017-07-17 14:40:
> Thank you Benny for the suggestion.
> Do you have any working example? Will this be a file with regex?

private replyed
Loading...