blacklisting and blocking reply-to addresses

Issue #42 invalid
eXtremeSHOK
created an issue

We have noticed a trend with spammers sending from various from addresses. eg.
loanoffer25@outlook.com
loanoffer40@outlook.com
myloadoffer@hotmail.com

but all the emails will have the same reply to address eg.
loan.confirmation@outlook.com

Is there any way to have the blacklist filter check the reply-to address against the blacklist table ?

Comments (10)

  1. eXtremeSHOK reporter
    • changed status to open

    this is not a support issue,
    to the best of my knowledge iredmail does not check blacklisted addresses and domians against the replyto.

    In order for iredmail to blacklist replyto addresses, you need to enhance iredmail to support the functionality.

  2. Zhang Huangbin repo owner

    With default iRedMail setting, user cannot send email as different sender (different email address in mail header 'From:' and sasl auth user).

    Again, this is bug tracker, not a support area. Please use our online support forum instead:
    http://www.iredmail.org/forum/

    Post your Postfix settings (postconf -n) in forum, and related Postfix log to help us understand your issue.

  3. eXtremeSHOK reporter

    the bug: iredmail should check from and replyto against the blacklist.

    Currently only the from is checked against the blacklist.

    Has nothing todo with my settings, every iredmail has the same problem.

  4. Zhang Huangbin repo owner

    Please please please, create a forum topic in our online support forum, show us your Postfix settings (postconf -n), and related Postfix log to help us understand your issue.

    I won't reply here anymore. Sorry about this.

  5. eXtremeSHOK reporter

    obviously you can not understand or do not want to understand.

    there is no bug, only a limitation by iredmail.

    only the from address is checked against the blacklist
    enhancement would be both the reply-to and from a are checked gainst the blacklist.

  6. Zhang Huangbin repo owner

    It's not about i don't want to understand your questions, but about you're working in wrong direction.

    Reply-to should be allowed to use different address.
    Currently, no program checks reply-to header, but you can write a plugin for iRedAPD to achieve this.

    My question is, why your server allows user to send as 'xxx@outlook.com' (either in From: header or sasl auth)? Show us full email header of sample spam you're talking about in FORUM, and post related log in Postfix log file please.

  7. eXtremeSHOK reporter

    these are received emails. sent to us from outlook.com

    spammer registers lots of free accounts on outlook.com and uses them to send email to the iredmail server.

    you cannot block outlook.com, too many users need to receive email from it.

    so the only way is to block/blacklist the replyto

  8. Zhang Huangbin repo owner

    Dear sir/madam,

    Reply-to header should be allowed to use different address, blocking email based on reply-to address is wrong direction.

    Please, let's move to iRedMail online support forum instead. This is neither bug of iRedMail nor limitation. You're working in wrong direction.

  9. Log in to comment