|Main Archive Page > Month Archives > postfix-users archives|
On 2011-04-01 11:22:04 (-0500), Vernon A. Fort <firstname.lastname@example.org> wrote:
> I'm trying to find a way to block/reject inbound messages forging our
> internal email addresses. Meaning their inbound messages using MY email
> address but there not originating from my server.
> I cannot seem to find the correct solution. Anyone.
With restriction classes you can drop this spoofing.
Key is to first seperate your own server(s) (e.g. by giving them an OK
before this check). Afterwards if the sender-domain matches any of your
domain it must be spoofing (as only external servers reach this check)
and you can just reject it.