On 2023-11-27 at 17:55:32 UTC-0500 (Mon, 27 Nov 2023 22:55:32 +0000)
Vijay S Sarvepalli via Postfix-users <vssarvepa...@cert.org>
is rumored to have said:
Hello Postfix community,
This may be a feature request. As far as I can tell it is currently
not possible to verify if an authenticated user has sent email that
uses a From: header (After DATA command) that does not match his/her
credentials. The features
https://www.postfix.org/postconf.5.html#reject_authenticated_sender_login_mismatch
allows for SMTP MAIL FROM: address to be verified with the
authenticated user. However if a user spoofs From: header inside an
email and leave the SMTP MAIL FROM: to be matching, it cannot be
inspected or verified using any Postfix configuration parameters.
Correct. As Dr. Venema said, this is a design choice. An important and
correct one, in my opinion.
The only way I found is using some third party software
https://github.com/magcks/milterfrom/
Actually there are MANY ways to attack this issue with add-ons for
Postfix. For example, if you use any of the mechanisms for integrating
Apache SpamAssassin, it has a suite of rules related to the coherence of
various sender-related values. So you could just use SpamAssassin with
Amavis, MIMEDefang, MailMunge, spamass-milter, or in a simple
content_filter to get those rules applied at whatever weights you like.
There are also other anti-spam tools that can be integrated with Postfix
by its various interfaces.
Is it possible to include this as a feature so it is possible for
large scale ISP’s to prevent any one user using another user hosted
on the same server. This type of spoofing of the From: header inside
the email could go unnoticed, potentially get a SPF verified delivery
and/or even get a DKIM signature due to the lack of native capability
to inspect and reject such misuse. Something like
reject_authenticated_from_login_mismatch could be used to distinguish
this configuration parameter.
Sophisticated analysis of the contents of a message (which may or may
not be in a standard format and may even be designed to thwart analysis)
is a complicated and potentially dangerous task. As a transport agent,
Postfix should not be spending the resources or taking the risk of such
analysis. It is much safer to delegate that analysis to specialized
external software.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
