Opened 5 years ago

Last modified 5 years ago

#421 new enhancement

Turn on reject_sender_login_mismatch

Reported by: andersk Owned by:
Priority: normal Milestone:
Component: mail Keywords: opinionated
Cc:

Description (last modified by adehnert)

To help cut down on outgoing spam, we should require that mail sent directly through Scripts carry a matching @scripts.mit.edu address or an address at a matching Scripts vhost. After all, if you want to send mail from @mit.edu, @gmail.com, etc., you should be sending it through outgoing.mit.edu, smtp.gmail.com, etc.—a mismatch here would be an SPF violation anyway.

I think this would be achieved by smtpd_sender_restrictions = reject_sender_login_mismatch, with $smtpd_sender_login_maps configured in correspondence with our $virtual_alias_maps.

This probably implies disabling SMTP to localhost:25.

Change History (5)

comment:1 Changed 5 years ago by quentin

SMTP to localhost should be fine - we can still authenticate the socket.

comment:2 Changed 5 years ago by andersk

Does Postfix implement that kind of authentication?

Separately, we may need another check to match the MAIL FROM address with the From: or Sender: header.

comment:3 Changed 5 years ago by quentin

It's been a while since I looked into it, but IIRC my conclusion was that Postfix doesn't natively implement it, but you could write an authentication plugin for smtpd_sender_restrictions that checks it.

comment:4 Changed 5 years ago by andersk

  • Keywords opinionated added

comment:5 Changed 5 years ago by adehnert

  • Description modified (diff)
Note: See TracTickets for help on using tickets.