On 8/21/2010 12:18 AM, Jerrale G wrote:
I don't think you get it. I'm concerned that, if they don't
authenticate with postfix - the purpose of popb4smtp, their
sender authenticated header will not be in the message header
for postfix to reject a bogus sender address. If it did, I
wouldn't be asking the question.
As said, the only way I can think of having postfix to
validate the sender address is by a global general check
allowing anyone to use any email address, as outgoing, that is
hosted with postfix. Meaning, if you are
[email protected], you would be able to send mail with
the sender address [email protected] as long as it
exists as an email address or alias on our systems but at
least you wouldn't be able to do a bogus sender address of
[email protected]; it wouldn't be hard
to trace who sent spam
I'm asking for an alternative way than this, if sender
authenticated header doesn't work.
Thank you
Jerrale G
S C
The alternative you are looking for is SMTP AUTH. That's the
standard authentication method supported by postfix and
virtually all mail clients.
http://www.postfix.org/SASL_README.html
pop-before-smtp is a hack and will never be considered a
standard authentication method and will never be directly
supported in postfix.
You could write a policy service that validates the sender
address when using pop-before-smtp, but your time would be
better spent implementing SMTP AUTH.
-- Noel Jones
