Postfix From field spoofing

SYSTEM INFORMATION
OS type and version: Ubuntu Server 22.04 LTS
Webmin version: 2.101
Virtualmin version: 7.8.2 Pro
Related packages: SUGGESTED

Hi Guys,

So I’m trying to stop people from sending email from the FROM field and it doesn’t exist in the domain.

Kind Regards
Jan Muller

What are you talking about? Is this some web app contact us form or something within the Virtualmin/Webmin interface?

Not a web app. Normal emailing, when the From field is changed for example my@example.co.za
But example.co.za domain doesn’t exist on the server.

So say the sender has credentials to send mails out. But they change the From field to make it look like it’s being sent from their bank bank@example.co.za

So I basically want to tell postfix if the from field doesn’t match the domain it must reject it.

You posted wrongly in the Virtualmin category, in fact it is a request for help for a particular situation.

If you search on the Internet, you will find out that there are solutions, but you need to learn first how Postfix works.

I’ve tried the online ones I’ve found without success. Hence why I’m asking here.

Maybe look at Usermin and set up a condition there which in turn will either allow or reject an email to be either deleted or passed to the inbox of the user.

Usermin option won’t work because I’m hosting like 78 domains on this server. So need something to do it globally. I’m not sure how to set this up on SpamAssassin, if anyone has some insight on it please.

I take it you would do that in Header and Body Tests in SpamAssassin, just not how to.

Yeah, I’m pretty lost here hahaha. I want to apply the rule globally so when someone tries to send from another email address than the domain on the server it will block it.
So an example is I used authentication on the server to send mails but then I changed the FROM field to something random. It goes through to the To address.

There’s no reason to be rude. And, procmail has nothing to do with outgoing mail, in the default Virtualmin configuration. (Nor does SpamAssassin.)

This answer on ServerFault looks pretty good: hosted exchange - Forcing the from address when postfix relays over smtp - Server Fault

Hi Joe, thank you Joe, how do I do the mapping to all the domains on my server? I’m fuzzy on that.

Is there some sort of file that already exists that could be used for this mapping or would it have to be maintained with each addition/deletion of a domain?

Joe, do you maybe know how to do the mapping for each email address? Can I use the virtual file maybe to achieve this?

Good Morning Guys,

I don’t think the mapping is necessary because after I set up Pyzor and Razor I see SpamAssassin is doing the From checks, see below:

Content analysis details: (13.4 points, 5.0 required)

 pts rule name                      description
 0.0 RCVD_IN_MSPIKE_L4              RBL: Bad reputation (-4)
                                    [103.15.234.69 listed in bl.mailspike.net]
 2.7 RCVD_IN_PSBL                   RBL: Received via a relay in PSBL
                                    [103.15.234.69 listed in psbl.surriel.com]
 0.2 HEADER_FROM_DIFFERENT_DOMAINS  From and EnvelopeFrom 2nd level mail domains are different
 0.0 SPF_HELO_NONE                  SPF: HELO does not publish an SPF Record
 1.0 SPF_SOFTFAIL                   SPF: sender does not match SPF record (softfail)
 0.0 HTML_MESSAGE                   BODY: HTML included in message
 0.0 HTML_FONT_LOW_CONTRAST         BODY: HTML font color similar or identical to background
 0.1 MIME_HTML_ONLY                 BODY: Message only has text/html MIME parts
 0.1 DKIM_SIGNED                    Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID                     Message has at least one valid DKIM or DK signature
 2.0 PDS_FROM_NAME_TO_DOMAIN        From:name looks like To:domain
 0.0 RCVD_IN_MSPIKE_BL              Mailspike blocklisted
 2.2 FROM_IN_TO_AND_SUBJ            From address is in To and Subject
 1.3 PDS_FRNOM_TODOM_NAKED_TO       Naked to From name equals to Domain
 0.1 TO_IN_SUBJ                     To address is in Subject
 3.8 URI_PHISH                      Phishing using web form

So I think the only scenario where it won’t go to spam is where the mail comes from a clean host and clean relay.

Kind Regards
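
An added example, not part of the thread: a Python parser for the SpamAssassin report in the last post that totals the score, shows what each rule contributes (for instance HEADER_FROM_DIFFERENT_DOMAINS on its own), and recomputes the score with the relay reputation hits left out. Treating rules whose description starts with "RBL:" or whose name starts with "RCVD_IN_" as relay reputation is an assumption of this example.

```python
import re
# Report text from the last post; some descriptions wrap onto a second line.
REPORT = """\
Content analysis details: (13.4 points, 5.0 required)
pts rule name description
0.0 RCVD_IN_MSPIKE_L4 RBL: Bad reputation (-4)
[103.15.234.69 listed in bl.mailspike.net]
2.7 RCVD_IN_PSBL RBL: Received via a relay in PSBL
[103.15.234.69 listed in psbl.surriel.com]
0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level
mail domains are different
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
1.0 SPF_SOFTFAIL SPF: sender does not match SPF record (softfail)
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or
identical to background
0.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
2.0 PDS_FROM_NAME_TO_DOMAIN From:name looks like To:domain
0.0 RCVD_IN_MSPIKE_BL Mailspike blocklisted
2.2 FROM_IN_TO_AND_SUBJ From address is in To and Subject
1.3 PDS_FRNOM_TODOM_NAKED_TO Naked to From name equals to Domain
0.1 TO_IN_SUBJ To address is in Subject
3.8 URI_PHISH Phishing using web form
"""
HEADER = re.compile(r"\((-?[\d.]+) points, (-?[\d.]+) required\)")
RULE = re.compile(r"^\s*(-?\d+\.\d+)\s+([A-Z][A-Z0-9_]+)\s+(.*)$")

def parse_report(text):
    """Return (reported_total, required, [(points, rule, description), ...])."""
    total, required, rules = None, None, []
    for line in text.splitlines():
        if m := HEADER.search(line):
            total, required = float(m[1]), float(m[2])
        elif m := RULE.match(line):
            rules.append([float(m[1]), m[2], m[3].strip()])
        elif line.strip() and rules:  # wrapped description or bracketed detail
            rules[-1][2] += " " + line.strip()
    return total, required, [tuple(r) for r in rules]

def score(rules, skip=lambda name, desc: False):
    """Sum the points of every rule that skip() does not exclude."""
    return round(sum(p for p, n, d in rules if not skip(n, d)), 1)

# Assumption of this example: these patterns mark relay/host reputation rules.
def is_relay_reputation(name, desc):
    return desc.startswith("RBL:") or name.startswith("RCVD_IN_")
```

Calling `score(rules, is_relay_reputation)` on the parsed rules gives the score this message would have had with no blocklist hits, which can be compared against the 5.0 threshold.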