On 20.07.2016 19:23, Christian Rößner wrote:
Am 20.07.2016 um 18:31 schrieb Patrick Ben Koetter <[email protected]>:
* Wietse Venema <[email protected]>:
Dominik Chilla:
Hello together,
my postfix setup (submission-relay only!) requires an authenticated
(SMTP-AUTH plain/login) sender. Further it checks if the envelope-sender
matches the authenticated user-id by using sender_login_maps in
conjunction with LDAP. In envelope context this is a very usefull and
important feature, but it doesn?t prevent one to use a different email
address in the RFC5322-From header. So why not thinking about something
like rfc5322_from_login_maps?
Alternatively a restriction
"reject_rfc5322_from_envelope_sender_mismatch" (or the like) would be
thinkable.
Do you have a design for that? Note that most reject_mumble features
are designed to block mail BEFORE the "DATA" command, whereas the
message header is received AFTER the DATA command.
You might be better off implementing this with a Milter
IIRC Christian wrote a MILTER that does exactly what you want about two years
ago. I'm not sure if he's willing or able to release it as open source.
Yes ;-) Thanks for pointing that out
https://github.com/croessner/vrfydmn
Christian
@ Patrick/Christian: Big thanx :)
