On 04/21/2018 03:25 PM, Bill Shirley wrote:
On 4/20/2018 8:53 AM, Olaf Hopp wrote:On 04/20/2018 02:01 PM, Olaf Hopp wrote:Hi (Stephan?), is it a new feature of dovecot 2.3 /pigeonhole 0.5 that a sieve "redirect" changes the envelope sender of a redirected mail or simply a bug ?A sends mail to B, B redirects to C C sees B (not A!) as envelope sender. It is not a problem if C gets the mail but if that mail bounces for various reasons it goes back to B and A will never know about this. I thick this is came with 2.3 / pigeonhole 0.5 ? # 2.3.1 (c5a5c0c82): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.devel (61b47828) # OS: Linux 2.6.32-696.23.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) Regards, OlafI moved one version back, same config except those changes in 10-ssl.conf necessary for the 2.2->2.3 upgrade # 2.2.35 (b1cb664): /opt/dovecot/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.23 (b2e41927) # OS: Linux 2.6.32-696.23.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) and this version keeps the envelope sender untouched. So this a regression with 2.3 / 0.5 Envelope *senders* should never ever be modified. Regards, OlafMy father is subscribed to a mailing list that instead of using l...@xyz.org in the envelope it actually modifies the envelope to the poster's email address. When they try to send the email to my server and the envelope says "Hi, I'm coming from b...@example.com", I know they are lying because *my mail server is the mail handler* for example.com. REJECT If you accept mail that's obviously forging the envelope sender, any spammer can just send email saying I am you and get passed by a whitelist statement in Spamassassin because... u...@example.com "oh, he's a good guy. Let him through." Bill
Of course, mailing lists are an exeption to this. It's usual to put listname-bounces@... into the envelope sender, so that bounce processing might be done by the mailing list software. Olaf -- Karlsruher Institut für Technologie (KIT) ATIS - Abt. Technische Infrastruktur, Fakultät für Informatik Dipl.-Geophys. Olaf Hopp - Leitung IT-Dienste - Am Fasanengarten 5, Gebäude 50.34, Raum 009 76131 Karlsruhe Telefon: +49 721 608-43973 Fax: +49 721 608-46699 E-Mail: olaf.h...@kit.edu www.atis.informatik.kit.edu www.kit.edu KIT - Die Forschungsuniversität in der Helmholtz-Gemeinschaft Das KIT ist seit 2010 als familiengerechte Hochschule zertifiziert.
smime.p7s
Description: S/MIME Cryptographic Signature
