Am 20.07.2016 um 18:03 schrieb Wietse Venema:
In Postfix: require that MAIL FROM matches SASL login In Milter: require that MAIL FROM matches From: header.
I took that suggestion and had a deeper look in OpenDKIM today. Parsing RFC5322.From /is/ complicated. But for my feeling OpenDKIM does that job very well. OpenDKIM has the ability to do such checks in a very convenient way. We may do lookup in static files, databases and even LDAP. I would like to see it very similar to http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps Lookup one RFC5322.From (Key) and check if one or more SASL Users (Values) are authorized. But, what are the use-cases? - RFC3522.From matches exact sasl_user - RFC5322.From domain matches sasl users domain-part - RFC5322.From is authorized by one ore more sasl users ... Andreas
