Wietse Venema via Postfix-users:
> Vijay S Sarvepalli via Postfix-users:
> > Hello Postfix community,
> >
> > This may be a feature request. As far as I can tell it is currently
> > not possible to verify if an authenticated user has sent email
> > that uses a From: header (After DATA command) that does not match
> > his/her credentials.
> ...
> > The only way I found is using some third party software
> > https://github.com/magcks/milterfrom/
>
> This is intentional. Apart from simple header/body checks to block
> known evil, Postfix generally does not implement configurable
> policies on header/body content, leaving such policies up to plugins.
Added note: most email 'user' software does not show the From:
address, but instead shows the "display name" in the From: header.
From: "display name" <address>
Or the obsolete form:
From: address (display name)
Tools like "milterfrom" replace the address without updating the
display name. A more sophisticated solution would use a lookup table
that maps an envelope sender to a complete new From: header, and
thaht would drop the existing From: header if such a mapping exists.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
