Blocking forged From: email
Issue #231
resolved
Hi,
I'm not using the PRO version; however I could not find a way to block inbound email for a given domain that has clearly forged From: header
For example; I accept email for mydomain.com
I have several or more accounts for mydomain.com
It should (I believe) only be valid for authenticated users intenrally (by TLS or IP) to relay mail; but on the inbound anything with <forged_user>@mydomain.com should in theory be entirely blocked.
The way this works with Google Apps for example is their servers verify (once) that the email you want to use in the From: is actually owned by you by sending a configuration email first with the assumption that if you can read/access email from the account you want to appear from that that's okay.
Comments (3)
-
-
repo owner
- changed status to open
-
repo owner
- changed status to resolved
fix
#231strict from checking (by default on, current installations off)→ <<cset f64b57ce0c50>>
- Log in to comment
Sorry I forgot to log in! The issue was from me.