Hello,
>From time to time, one of our users is caught by a phishing attempt.
His account is then used to send spam and generally the MAIL FROM does not
match one of our addresses.
I found this to test the validity of the MAIL FROM
/etc/postfix/main.cf :
smtpd_sender_login_maps = hash:/etc/postfix/controlled_envelope_senders
smtpd_recipient_restrictions =
...
reject_sender_login_mismatch
permit_sasl_authenticated
...
with /etc/postfix/controlled_envelope_senders (in our case)
email uid
but that will not be easy to implement here; for example, some addresses are
used by a few people and we don't always know that.
Would it be possible to test only the existence of the MAIL FROM ?
Regards,
--
Pascal
