Hi, I am using postfix 3.1.12 in a network which does not currently accept sending mail from outside.
However some spammers change the From header in the data section and use an internal address. The problem is that if I use header_checks to reject my domain, it's applied globally so mail from within the local network is rejected as well. Since there is no check_data_access method, I tried to do something this: In main.cf : header_checks = pcre:/etc/postfix/header_checks.pcre smtpd_restriction_classes = anti_spoofing anti_spoofing = check_client_access cidr:/etc/postfix/localnets.cidr In header_checks.pcre : /^From:\s*.+\@mydomain\.tld>?$/ anti_spoofing In localnets.cidr : 127.0.0.0/8 OK 192.168.0.0/24 OK 0.0.0.0/0 REJECT forged address However, forged addresses still pass, and I am getting this message in the logs: Sep 27 06:07:52 server postfix/cleanup[5578]: warning: unknown command in header_checks map: anti_spoofing Why isn't this working? Could you please provide ideas on how to achieve what I want without using external tools or costly sender verification? Best regards, Hugo
