On 10/04/2010 09:37 PM, Alfonso Alejandro Reyes Jimenez wrote:
Hi, everyone.
I have an issue with some users that are spoofing our mail server,
Spoofing what ? how ?
Proper configuration and a submission setup can prevent sender domain
spoofing.
HELO "spoofing" can be limited or eliminated, if you wish.
rightnow we can restrict the spoofing on the same server.
But if they use another smtp server pretending that they are on our
domain the can send those emails.
I use to work with websense which can be configured to get only mails
from the users and ip address that belong to the domain, is there some
way to tell postfix that he owns the domain mycompany.com and it
reject everything that pretend to be the same domain?
Certainly, although this is not necessarily a good idea - how will
remote users send mail ?
Using SASL submission with restricted senders is a common scenario, and
anything in $mynetworks should be trusted by you anyway.
Or any other idea to prevent the outside spoofing?
If you mean sender domain spoofing, yes, quite trivial: set up proper
mail submission, and deny anything else.
--
J.
