Hi Viktor, thanks a lot for your opinion.
Could you explain to me which would be the benefits of implementing such behaviour on a filter or milter instead of doing it on header_checks? Also, do you know in which cases would be useful to allow or make use of multiple From addresses? Just in case I'm missing something. Thanks in advanced, On Tue, Oct 6, 2020 at 10:50 PM Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: > > On Wed, Oct 07, 2020 at 12:27:09AM +0000, Pau Peris wrote: > > > I'm hosting my dad's webpage which has a contact form (which should be > > improved to avoid spam and/or bots) and from time to time someone > > types multiple email addresses in the from field of the form so > > contact emails with multiple from addresses like "from: > > h...@example.com, f...@example.net" are generated. I though that those > > kind of messages should get rejected and thought that maybe there was > > a builtin restriction for this use case. > > You may of course choose to try to block such messages, but in terms of > general syntax, they are valid email messages: > > https://tools.ietf.org/html/rfc5322#section-3.6.2 > > The only constraint is that a message with multiple authors (multiple > "From" mailboxes), is required to have a "Sender" header which indicates > who is to blame for actually sending the message. The requirement is > unlikely to be enforced by most MUAs. I don't know what DMARC makes of > multi-author messages (but since I don't use, recommend or think much of > DMARC, I have much reason to care about that). > > RFC5322.From syntax is rather non-trivial, and trying to parse it with > regular expressions is not a terribly good idea. While most addresses > are simple, and you might not ever see the exceptions, I do not > recommend ad-hoc half-right parsers for the mailbox syntax. > > Therefore, the right solution would be in a content filter or milter, > coupled with a solid email address (list) parsing library. > > -- > Viktor. -- Pau Aquest correu electrònic conté informació de caràcter confidencial dirigida exclusivament al seu/s destinatari/s en còpia present. Tant mateix, queda prohibida la seva divulgació, copia o distribució a tercers sense prèvia autorització escrita per part de Pau Peris Rodriguez. En cas d'haver rebut aquesta informació per error, es demana que es notifiqui immediatament d'aquesta circumstancia mitjançant la direcció electrònica del emissor.
