On 2016-06-28 07:46, Zhang Huangbin wrote:
I have a simple Postfix policy server, and got a problem to reject
sender login mismatch (sender != sasl_username) with Outlook 2016:
user is able to specify a From: address, it would be any address you
want, and the From: address is not passed to policy server.
I can reproduce this issue with a simple Python program:
*) construct mail message with forge sender address. e.g. 'From:
<fo...@forge.com>'
*) send email as normal/legal user "auth_u...@my-domain.com" with smtp
auth.
*) while sending email, specify the sender address as
"auth_u...@my-domain.com".
*) When user received the email, his MUA shows the address in 'From:'
as sender.
In this case:
- address 'fo...@forge.com' is not available in policy server
- attributes 'sender=' and 'sasl_username' are
'auth_u...@my-domain.com'
So the question is, does Postfix parse the submitted mail message to
get 'From:' address? How can i overcome this?
Policy service is just a table lookup. From what restriction do you call
the policy lookup?
The From: is a header instead of a smtp protocol field.
It may be only available within a header check.
It may be easier to implement such a check within a content filter.
For example within a spamassassin rule/plugin.
Markus
--
https://markusbenning.de/
