postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: ..::Spoofing Issues::..

Re: ..::Spoofing Issues::..

From: Jeroen Geilman <jeroen_at_nospam>
Date: Mon Oct 04 2010 - 19:42:01 GMT
To: postfix-users@postfix.org

On 10/04/2010 09:37 PM, Alfonso Alejandro Reyes Jimenez wrote:
>
> Hi, everyone.
>
> I have an issue with some users that are spoofing our mail server,
>

Spoofing what ? how ?

Proper configuration and a submission setup can prevent sender domain
spoofing.

HELO "spoofing" can be limited or eliminated, if you wish.

> rightnow we can restrict the spoofing on the same server.
>
> But if they use another smtp server pretending that they are on our
> domain the can send those emails.
>
> I use to work with websense which can be configured to get only mails
> from the users and ip address that belong to the domain, is there some
> way to tell postfix that he owns the domain mycompany.com and it
> reject everything that pretend to be the same domain?
>

Certainly, although this is not necessarily a good idea - how will
remote users send mail ?

Using SASL submission with restricted senders is a common scenario, and
anything in $mynetworks should be trusted by you anyway.

> Or any other idea to prevent the outside spoofing?
>

If you mean sender domain spoofing, yes, quite trivial: set up proper
mail submission, and deny anything else.

-- J.