Postfix: Reject mail based on From not matching the Received From

Denny

10/31/23, 6:28 PM

I want to reject mail when it comes in from one domain but the spammer outs the users email in the "From:" field

Here's the pertinent headers:

Received: from static-186-219-185-178.tudointernet.net.br (static-186-219-185-178.tudointernet.net.br [186.219.185.178])
    by michael2.lhtek.com (Postfix) with ESMTP id 1A0E6921F3C
    for <[email protected]>; Sat, 29 Oct 2022 22:10:18 -0500 (CDT)
From: <[email protected]>
To: <[email protected]>

Notice the "Receive From" doesn't match the "From". The spammer is spoofing the from.

Any ideas on how to catch this via Postfix settings (i.e. main.cf settings)?

1 + 2

postfix

glts

10/31/23, 6:47 PM

This is not a spam indicator. The `Received` host and HELO name does not have to match the `From` header domain at all. If you block this, you will block a very high proportion of legitimate mail.

Denny

10/31/23, 6:57 PM

Thanks for the reply. I checked some of the other emails for this users and see that what you said is true. The problem is it appears to come from the user and he knows he didn't send it. Thus it appears as spam to him. He gets a lot of this type of mail. Any ideas on how to filter this?

Score:0

Server

anx

11/1/23, 9:11 AM

There is nothing wrong with the SMTP transaction using a different return address from the Sender indicated in the mail headers. However, if one of them matches the domain of the recipients, they have full control over what combinations to allow. Often, no mail whatsoever coming in from outside should claim have the sender matching your own mailbox.

You are probably looking for email authentication schemes to setup as the basis of rejecting obviously spoofed messages, a popular one you want to consider enabling both on your server, as well as in a published policy for other servers, would be DMARC.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Postfix: Reject mail based on From not matching the Received From

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.