Hi,
I'm already using:
smtpd_sender_restrictions =
reject_unlisted_sender,
check_sender_access hash:/etc/postfix/sender_access
reject_unknown_sender_domain,
reject_non_fqdn_sender,
permit
But the "loophole" here is that blank sender/return-path is allowed (MAILER
DAEMON), I could prohibit that, but with huge caveats.
> On 22 Aug 2022, at 17:20, post...@ptld.com wrote:
>
> This isn't the complete answer to your problem, but one of the puzzle pieces
> that might help your situation.
>
> smtpd_recipient_restrictions = reject_non_fqdn_sender
> http://www.postfix.org/postconf.5.html#reject_non_fqdn_sender
>
>
>> We have received a big batch of phishing emails that was not properly
>> detected (hence not blocked). They all shared a special characteristic:
>> To: Recipients
>> From: Administrateur
>> Reply-To: <nore...@admin.fr>
>> Return-Path: <>
>> To and From are not qualified email addresses, Reply-To is bogus but
>> qualified even though admin.fr does not have an MX record. Envelope Mail
>> From / Return-Path is blank.
>> Is there a proper way to block this kind of junk in Postfix or do I have to
>> rely on my antispam (that will need tuning, obviously)?
>
