postfix-users April 2011 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: rejecting forged emails

Re: rejecting forged emails

From: Drizzt <drizzt_at_nospam>
Date: Fri Apr 01 2011 - 16:36:23 GMT
To: postfix-users@postfix.org

On 2011-04-01 11:22:04 (-0500), Vernon A. Fort <vfort@provident-solutions.com> wrote:
> I'm trying to find a way to block/reject inbound messages forging our
> internal email addresses. Meaning their inbound messages using MY email
> address but there not originating from my server.
>
> I cannot seem to find the correct solution. Anyone.
>
> Vernon
>

With restriction classes you can drop this spoofing.
Key is to first seperate your own server(s) (e.g. by giving them an OK
before this check). Afterwards if the sender-domain matches any of your
domain it must be spoofing (as only external servers reach this check)
and you can just reject it.