Am 11.01.2016 um 19:57 schrieb Justin Edmands:
We have seen a few messages that were allowed to be sent "on be half of" a user within our network. The external users domain was able to send through our relay and sort of spoof the user. Any way to use spamassassin to prevent this sort of this?
you don't provide any infos http://www.catb.org/esr/faqs/smart-questions.html#bepreciseif somebody is able to send from an external IP through your relay to an external address (if that is really teh case) your MTA configuration is broken by definition - nobody should be able to do that without SASL authentication
if one of your *envelope-senders* was forged why don#t you block external clients to use own envelopes on the MTA long before SpamAssassin?
if it is just the from-header and the destination is one of your users you can#t do anything because you would kill any mailing list like this one where mails i send have my own from header
signature.asc
Description: OpenPGP digital signature
