Re: Stop spammers sending us spam from users in our domain...

From: Sahil Tandon (sahiltandon.net)
Date: Wed Jul 29 2009 - 19:26:36 CDT


On Wed, 29 Jul 2009, Matthew D. Fuller wrote:

> On Wed, Jul 29, 2009 at 03:03:43PM +0100 I heard the voice of
> Clunk Werclick, and lo! it spake thus:
> >
> > My apologies for the terse caveat. As I understand it, there are
> > some external mail services that roaming users may use that forward
> > mail into your Postfix claiming to be from your domain. Myself I do
> > not use this.
>
> The problem doesn't come from what you use, but from what any of your
> users may somewhere use.
>
> Imagine you are example.com, and have two users, a@example.com, and
> b@example.com. a@example.com sends mail to b@someother.domain (which
> you don't control, and know nothing about, short of looking up its MX
> record and sending the mail on its way). But b@someother.domain is
> just a forwarder and forwards the mail on to b@example.com. That
> forwarder won't (and quite probably _shouldn't_) change the envelope
> sender. Suddenly, you have mail from "outside", with an envelope
> sender that's you, but is perfectly legitimate. And pretty common.

Much less common is a@example.org sending to a@someother.domain which
forwards back to a@example.org. The OP might consider blocking messages
where both envelope sender and recipient == foo@example.org when originating
from an untrusted source.

--
Sahil Tandon <sahiltandon.net>
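
Added example, not part of the original message: the decision logic of a Postfix policy delegate (the `name=value` request format used by `check_policy_service`) that rejects mail only when envelope sender and recipient are the same local address and the client is untrusted. The domain, the trusted networks and the sample request are assumptions constructed for illustration.

```python
import ipaddress

# Assumptions (not from the thread): protected domain and trusted client networks.
LOCAL_DOMAIN = "example.org"
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "192.0.2.0/24")]

def parse_request(text):
    """Parse one policy request: name=value lines, ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def is_trusted(attrs):
    """Trusted means SASL-authenticated or connecting from a trusted network."""
    if attrs.get("sasl_username"):
        return True
    try:
        addr = ipaddress.ip_address(attrs.get("client_address", ""))
    except ValueError:  # e.g. client_address=unknown
        return False
    return any(addr in net for net in TRUSTED_NETS)

def decide(attrs):
    """REJECT only sender == recipient in our domain from an untrusted client."""
    # Lowercasing the whole address is a simplification; local parts are
    # formally case-sensitive but rarely treated that way.
    sender = attrs.get("sender", "").lower()
    recipient = attrs.get("recipient", "").lower()
    if (sender and sender == recipient
            and sender.endswith("@" + LOCAL_DOMAIN)
            and not is_trusted(attrs)):
        return "REJECT envelope sender equals recipient from untrusted client"
    return "DUNNO"  # no opinion: let later restrictions decide

def respond(text):
    """Build the reply Postfix expects: action line plus empty line."""
    return "action=%s\n\n" % decide(parse_request(text))

# Constructed sample request, as Postfix would send it at RCPT TO.
SAMPLE = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
          "client_address=198.51.100.7\nsender=a@example.org\n"
          "recipient=a@example.org\n\n")

if __name__ == "__main__":
    print(respond(SAMPLE), end="")
```

The forwarder case from the quoted message (sender a@example.org, recipient b@example.org, outside client) gets `DUNNO`, so legitimately forwarded mail is not affected.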