Thanks again for the great job are doing in here. Much appreciated, so wil must give the rule system an try to solve the issue. that cannot be directly handeled in MTA (postfix) level, like you explained ;)
I mentioned another approch here, but still don't know, if it will regard the from: info for the blocking decision, as i don't expect any e-mail coming form "outside" having my own domain as from adresse (sender). All e-mails have the from with my e-mail domain will be send out from my internal...
I asked which header fields postfix will examine to prevent / block such spoofed mails coming from"own" domain.
if postfix does not look and grab the e-mail address / Domaininfo there - for the "from:" - this approch won't do the job...
So @Stoiko Ivanov do you know it or have experiance for it?
@Stoiko Ivanov:
On which level operates this one using postfix MTA to block E-mails form "outside" using your own domains configured within PMG:
https://sajonara.de/2014/07/07/e-mail-spam-mit-absender-blacklisten-postfix-eindaemmen/...
@hata_ph
It's coming straight from external side / external IP-Adresses received by PMG. So no relay (security) problem at all.
And the unsettling thing is that PMG is NOT able to detect and catch such spoofed E-Mails, yet.
The logfile lines unleash the real sender address:
Received-SPF...
Thank's for reply, but too specific to the general problem, that fake from name spoof adress can still be received indicating as coming from own doamin name. There most be more smarter approches @Stoiko Ivanov ?
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.