[Rspamd-Users] Prevent sender address spoofing envelope/header FROM

Taco de Wolff tacodewolff at gmail.com
Fri Jan 5 19:31:34 UTC 2024


Hi,

I want to reduce the amount of misconfigured (and possibly spam) coming
from my mail server. I have a Postfix + Rspamd setup where Rspamd is DKIM
signing outgoing messages from /etc/opendkim/keys/[domain]/default.private.
I'd like to block sending out emails that have a different header FROM
address domain than their envelope FROM address domain. This ensures (as I
understand it) that all outgoing messages are then authenticated with DKIM.
The local part can be different though, that is fine.

Currently, I already enforce the envelope FROM address from Postfix so that
it is a valid mailbox and has a DKIM key. The user can set any header FROM
address however, and if they choose a header FROM address with a different
domain than the envelope address, Rspamd will not DKIM sign the message and
it will be rejected by the destination (eg. gmail) or put in spam. I want
to prevent sending it out to the destination in the first place, can that
be achieved with Rspamd?

Example: user logs in with intern at example.com and sends a mail to
xxx at gmail.com. The envelope FROM is intern at example.com. If the header FROM
is set to user at other.com, Rspamd should reject sending it. If it is
admin at example.com or intern at example.com, it is DKIM signed and send out.

Kind regards,
Taco de Wolff


More information about the Users mailing list