On 12/2/2009 10:17 AM, Stähelin, Simon wrote:
Is it possible (and how) to block emails sent via an outside smtp server
(not mynetworks) with our domain?
Three methods come to mind...
1) Publish restrictive SPF rules for your domain, then add a
check_policy_service that uses one of the SPF policy daemons (usually
perl or python based) in your smtpd_recipient_restrictions list. That
takes care of domain forgeries in the "MAIL FROM" (and "HELO"?) headers.
It doesn't address forgeries in the "From:" header which is part of
the message body (that's more of a job for a content filter).
2) You can use smtpd_helo_restrictions and do a check_helo_access
against a hashed list of domains that shouldn't show up in the HELO
name. Such as:
mail.example.com REJECT Go away, pretender.
3) As a follow-up to #1, you could write rules in a content filter like
SpamAssassin to check that the "From:" header inside the message body
makes sense. Then add 2 or 3 points to messages that violate that rule.
