We have a situation where some party is harvesting our employees'
mailbox names and using them for a directed brute force attack against
our SMTP servers. In order dodge this we have undertaken to rename of
user mailboxes. However, we use the imap service to authenticate for
SMTP delivery and so the actual mailbox name must be used when
sending.
What happens then is that the newly renamed mailbox identity ends up
in the RETURN-PATH of the sender's message. We would like to remap
that value back to the sender's original mailbox name since that is
what is set up to receive mail for that user.
A diagram may help, or not depending on whether the reader uses fixed
space fonts.
oldmailboxn...@harte-lyne.ca <--- the original email address
in /etc/postfix/virtual
oldmailboxn...@harte-lyne.ca oldmailboxname
On the IMAP service host
oldmailboxname <--- the original imap mailbox
newmailboxname <--- the renamed imap mailbox
in /etc/postfix/virtual
oldmailboxn...@harte-lyne.ca newmailboxname
When sending from newmailboxname the Return-Path value is
newmailboxname@harte-lyne. newmailboxname is deliberately set up so
as to not receive mail. We want the Return-path value to say
oldmailboxn...@harte-lyne.ca instead, which does receive mail.
I tried this in the outgoing MTA:
sender_canonical_maps = hash:/etc/postfix/canonical
with this in /etc/postfix/canonical:
newmailboxname oldmailboxname
Rebuilding the hash db and restarting postfix thereafter did not
change the results shown in the Return-PAth. Is there a way to
accomplish this?
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:byrn...@harte-lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
