On 2018-02-19 23:13, @lbutlr wrote: > On 2018-02-19 (09:35 MST), Alex <mysqlstud...@gmail.com> wrote: >> >> In other words, if the sasl_username is alice, I'd like to restrict the >> envelope sender and From address to only legitimate accounts belonging to >> that sasl user. > > This may break many people's workflows. > > For example, most people have many email addresses, and rather than > try to manage many different servers, they will pick their "best" > server to send their email through.
Any modern email client uses autoconfiguration this days and it is actually very hard to set things up as you describe (using identities etc.) in comparison to proper setup with one submission server per account. > > So, when I send an email to someone from my google account, it > probably doesn't go through google's submission servers. This might have been the case a decade ago but now doing this will most probably put that e-mail in spam. Sending e-mails on behalf of other domains breaks SPF, DKIM, DMARC and is in general considered spoofing. You should be prepared for complaints if you ARE allowing this. Try to send email from non-gmail address using gmail account. > > Now, you might not care, but you might be prepared for the complaints. > > A better choice is to rate limit users. > > You can also check if the sender@yourdomain is a valid account, but > then again, there are reasons someone (a company, especially) might > want an invalid sender. > > And you'll break mailing lists if you aren't careful. How? What restricting users to send mail only from addresses they own has to do with mailing lists? k. -- Karol Augustin ka...@augustin.pl http://karolaugustin.pl/ +353 85 775 5312
