Issue Blocking spoofed mail from my own domain on Plesk? (PHP mail() compatibility)

[Azurel]

Server operating system version

AlmaLinux 8.10

Plesk version and microupdate number

Plesk Obsidian 18.0.73#3

Hello,

I receive spoofed emails claiming to be from addresses on my own domain from external unknown IPs.
SPF, DKIM, and DMARC are configured correctly.

My goals:

• Only block emails spoofing for my own domains from external sources
• Allow local PHP mail() and Plesk processes

Is there a safe and effective way in Plesk to do this?

Currently smtpd_sender_restrictions in /etc/postfix/main.cf is this:

smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated

I'm considering to change this to:

smtpd_sender_restrictions = check_sender_access hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated, permit_mynetworks, reject_authenticated_sender_login_mismatch, reject_sender_login_mismatch, reject_unauth_destination

Are these additions useful, and where should I place them? /etc/postfix/main.cf may be overwritten during updates, which would make my changes lost.

Thanks for advice!

 

[Sebahat.hadzhi]

I cannot confidently confirm whether the options you are planning to add won't cause any conflicts. Regarding the spoofing issue, maybe this could help:

• https://support.plesk.com/hc/en-us/...ect-a-Plesk-mail-server-against-mail-spoofing

 

[Azurel]

Thanks for the link, but unfortunately that doesn’t really help. I don’t want to reject all incoming emails — only the fake ones that appear to come from my own domain. In this case, the SPF setting is just too strict. And I definitely won’t buy an extension for something that should really be included in Plesk by default for security reasons. And I doubt that the extension even does what I'm looking for.