check if envelope from and from is the same

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

check if envelope from and from is the same

Stefan Bauer-2
Hi,

we're running a small smtp send only service for authenticated users only. Even though we only accept allowed combinations of authenticated user and pre-defined envelope from addresses with access_maps, some smartasses started to spoof From: addresses so we got bad reputation at receiver sites.

Is this a good idea to check if envelope from and from matches and if so, howto do it in postfix?

thank you

Stefan
Reply | Threaded
Open this post in threaded view
|

Re: check if envelope from and from is the same

Ralph Seichter
On 02.10.18 21:17, Stefan Bauer wrote:

> Is this a good idea to check if envelope from and from matches and if
> so, howto do it in postfix?

Seriously? A "howto" has been posted on this very mailing list a few
hours ago. Mailing list archives are so useful...

-Ralph
Reply | Threaded
Open this post in threaded view
|

Re: check if envelope from and from is the same

Tobi
In reply to this post by Stefan Bauer-2
if your auth senders spoof from headers: block their login account and
terminate their service

Am 02.10.18 um 21:17 schrieb Stefan Bauer:

> Hi,
>
> we're running a small smtp send only service for authenticated users
> only. Even though we only accept allowed combinations of authenticated
> user and pre-defined envelope from addresses with access_maps, some
> smartasses started to spoof From: addresses so we got bad reputation at
> receiver sites.
>
> Is this a good idea to check if envelope from and from matches and if
> so, howto do it in postfix?
>
> thank you
>
> Stefan
Reply | Threaded
Open this post in threaded view
|

Re: check if envelope from and from is the same

@lbutlr
On 04 Oct 2018, at 00:00, Tobi <[hidden email]> wrote:
> if your auth senders spoof from headers: block their login account and
> terminate their service

Nothing necessarily wrong with spoofing From:

noreply@ is a spoofed From:

>> we're running a small smtp send only service for authenticated users
>> only. Even though we only accept allowed combinations of authenticated
>> user and pre-defined envelope from addresses with access_maps, some
>> smartasses started to spoof From: addresses so we got bad reputation at
>> receiver sites.

I don’t think that’s how it works.

>> Is this a good idea to check if envelope from and from matches

Not especially. I wouldn’t use a service that did that.

--
And Super Heroes come to feast
To taste the flesh not yet deceased
And all I know is still the beast is feeding.