postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: ..::Spoofing Issues::..

Re: ..::Spoofing Issues::..

From: mouss <mouss_at_nospam>
Date: Mon Oct 04 2010 - 20:48:00 GMT
To: postfix-users@postfix.org

  Le 04/10/2010 21:37, Alfonso Alejandro Reyes Jimenez a écrit :
>
> Hi, everyone.
>
> I have an issue with some users that are spoofing our mail server,
> rightnow we can restrict the spoofing on the same server.
>
> But if they use another smtp server pretending that they are on our
> domain the can send those emails.
>

That's a FEATURE in smtp...

> I use to work with websense which can be configured to get only mails
> from the users and ip address that belong to the domain, is there some
> way to tell postfix that he owns the domain mycompany.com and it
> reject everything that pretend to be the same domain?
>
> Or any other idea to prevent the outside spoofing?
>
>

you can certainly do

smtpd_recipient_restrictions =
     permit_mynetworks
     permit_sasl_authenticated
     reject_unauth_destinaion
     check_sender_access hash:/etc/postfix/access_sender

== access_sender:
mydomain.example REJECT blah blah
.mydomain.example REJECT blah blah