Facebook
Twitter
N
Nikos Ioakeim
Guest
Hi to all,
i have a very urgent matter that i need to resolve as soon as possible.
I decided to revert my mail server to postfix to gain more flexibility for fighting spam. Instead i got a bigger problem now. Everything is working fine on submission port 587 but when it comes to port 25, anyone can send an email stating that is a local user, without even forging the envelope-from. In more detail, when a mail comes to the host claiming to be a local user that sends an email to a local user, the system must require an authentication. Instead it fails only if the mail is going to an outside domain.
Is there a way to tell postfix that local users need to authenticate no matter where they send mail to?
One last thing. I have many complaints from users, that they receive mail claiming to be by their mail but instead, it's a forgery of the envelope-from and header from:. The spammer sends email from a valid email, and then forges the From: and To: in the data part, so the users see the forged sender address.
Is there any way to check using header_checks these 2 inputs to identify spam?
Please Parallels this is a very urgent call.
Thank you in advance
PS: I could give out some ip's to check it out, but it would lead to greater problems.
i have a very urgent matter that i need to resolve as soon as possible.
I decided to revert my mail server to postfix to gain more flexibility for fighting spam. Instead i got a bigger problem now. Everything is working fine on submission port 587 but when it comes to port 25, anyone can send an email stating that is a local user, without even forging the envelope-from. In more detail, when a mail comes to the host claiming to be a local user that sends an email to a local user, the system must require an authentication. Instead it fails only if the mail is going to an outside domain.
Is there a way to tell postfix that local users need to authenticate no matter where they send mail to?
One last thing. I have many complaints from users, that they receive mail claiming to be by their mail but instead, it's a forgery of the envelope-from and header from:. The spammer sends email from a valid email, and then forges the From: and To: in the data part, so the users see the forged sender address.
Is there any way to check using header_checks these 2 inputs to identify spam?
Please Parallels this is a very urgent call.
Thank you in advance
PS: I could give out some ip's to check it out, but it would lead to greater problems.
