Fedora Linux Support Community & Resources Center
  #1  
Old 21st May 2009, 12:55 PM
simpson0107 Offline
Registered User
 
Join Date: Feb 2008
Posts: 12
Email sender address - postfix, dovecot etc.

Hi, I have an email server configured with postfix, dovecot, saslauthd and squirrelmail. It works great. In fact I'd even say it works too well: in squirrelmail, I can configure any sender address and my server will accept it. Message will be sent, wether the sender's address is william.gates@microsoft.com or john.smith@yahoo.com. Is there any way of limiting it in such way that only username@MYdomain.ltd is accepted as sender's address?
___________________________
blog szymona

Last edited by simpson0107; 21st May 2009 at 12:57 PM.
Reply With Quote
  #2  
Old 21st May 2009, 03:19 PM
neogranas Offline
Registered User
 
Join Date: Nov 2006
Location: U.S.A.
Age: 28
Posts: 473
Do you have these in your /etc/postfix/main.cf file?

Code:
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
__________________
Registered linux user: #475337

Never underestimate someone with source code, a text editor, and the willingness to completely hose their system.
Reply With Quote
  #3  
Old 21st May 2009, 04:40 PM
simpson0107 Offline
Registered User
 
Join Date: Feb 2008
Posts: 12
Thanks for your post.

Yes, have them all in my main.cf. Without them I would not be able to use a client like Thunderbird to send email through my server from locations other then my own LAN. But I can send email through my server from anywhere.

My problem is different. I don't want my users to abuse my domain by sending emails as someone else, and now it is possible (today I sent an email as someone@pl.ey.com, and it reached it's destination with no problems, although pl.ey.com is not my domain). I found a half-solution, which is changing "true" to "false" in the following squirrelmail configuration file (/usr/share/squirrelmail/config/config.php):

Code:
$edit_identity = false;
$edit_name = false;
But that does not stop people using Thunderbird or Mutt to pretend to be someone else. I want to avoid a situation when I can't send emails from my domain because it's treated as spam or an untrusted domain.

Is there any way of doing it?
Reply With Quote
  #4  
Old 21st May 2009, 04:52 PM
neogranas Offline
Registered User
 
Join Date: Nov 2006
Location: U.S.A.
Age: 28
Posts: 473
There is, my system will not allow any outbound email from anywhere unless there is a user that authenticates. I just tested it a few minutes ago. No user sending will get back a 5.7.1 error, and an unknown user will get authentication errors even when giving a username and password.

Here is my main.cf file, and the output of a postconf:
main.cf.txt
postconf.txt

Hope they help.
__________________
Registered linux user: #475337

Never underestimate someone with source code, a text editor, and the willingness to completely hose their system.
Reply With Quote
  #5  
Old 21st May 2009, 05:11 PM
simpson0107 Offline
Registered User
 
Join Date: Feb 2008
Posts: 12
OK, maybe I'm not making myself clear. Thanks for your post.

I don't want to stop outsiders from sending email as myself. I want to stop myself (or rather my users) from pretending to be someone else. I don't really need it that much now, but it might be useful in the future.

Here's what i mean: make an experiment. Log in to your home directory as a regular user (not in the gui, in the terminal). Create file called .muttrc in your home directory. Then, edit the file and paste this in the first line:
Code:
my_hdr From: Bill <william.gates@microsoft.com>
Save the file and send an email (you must use mutt for the experiment to succede) to yourself. Then check your mailbox and read a message from Bill Gates, straight from Microsoft!

Now this is an example of what I don't want my users to do. So, is there a way of doing that?
Reply With Quote
  #6  
Old 21st May 2009, 05:14 PM
simpson0107 Offline
Registered User
 
Join Date: Feb 2008
Posts: 12
OK, maybe I'm not making myself clear. Thanks for your post.

I don't want to stop outsiders from sending email as myself. I want to stop myself (or rather my users) from pretending to be someone else. I don't really need it that much now, but it might be useful in the future.

Here's what i mean: make an experiment. Log in to your home directory as a regular user (not in the gui, in the terminal). Create a file called .muttrc in your home directory (don't forget the dot in front of the file name). Then, edit the file and paste this in the first line:
Code:
my_hdr From: Bill <william.gates@microsoft.com>
Save the file and send an email to yourself (you must use mutt for the experiment to succede). Then check your mailbox and read a message from Bill Gates, straight from Microsoft! You can send an email like that to any account.

Now this is an example of what I don't want my users to do. So, is there a way of stopping them?
Reply With Quote
  #7  
Old 21st May 2009, 05:36 PM
neogranas Offline
Registered User
 
Join Date: Nov 2006
Location: U.S.A.
Age: 28
Posts: 473
Ah, my mistake. That I don't know because, well, it's really only me on my server so I don't have to worry about that. But I'd be very interested to know the solution so I can use it later if needed.
__________________
Registered linux user: #475337

Never underestimate someone with source code, a text editor, and the willingness to completely hose their system.
Reply With Quote
Reply

Tags
address, dovecot, email, postfix, sender

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
virtual email account on Postfix and dovecot trinimoses Using Fedora 1 26th July 2008 12:15 AM
EMail server setup: FC6+Postfix+Dovecot+Squirrelmail rdnewman Servers & Networking 2 5th August 2007 01:04 AM
Dovecot, Postfix and outlook sendign email. trinimoses Using Fedora 1 5th August 2005 07:10 PM
Receving eMail? Squirrelmail, Dovecot, Postfix simonsez Servers & Networking 0 21st July 2005 08:45 PM


Current GMT-time: 09:12 (Tuesday, 02-09-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat