How to config Postfix to prevent sender spoofing

email, postfix, spoofing

At work, I'm facing a security risk with mail sender spoofing. I have a relay mail server which accepts mail relay from all server subnets.

If a user on a normal server sends mail from the command line:

user@server$ echo mail_content | mail -r vip@company.com -s Important recipient@company.com

So basically, this guy can pretend to be anyone when sending email, which could lead to really big trouble.

What I'm expecting is, even though running the above command, the recipient still gets the mail with From: user@server

How can I do it in Postfix?

Edit: I forgot to add, the authentication method is Active Directory, not sure if it makes the configuration much more complicated 🙂

Best Answer

> What I'm expecting is, even though running the above command, the recipient still gets the mail with From: user@server
>
> How can I do it in Postfix?

You don't. Although many people seem to believe that e-mail servers somehow check the Envelope From and From headers and magically prevent spoofing, they don't and they shouldn't, because that would break e-mail forwarding.

This is not different from snail mail - I could write you a letter and put "Bill Gates, One Microsoft Way, Redmond" as the sender on both the letter and the envelope, and the postal service would accept and deliver it to you nonetheless. The real world doesn't prevent sender spoofing, and neither does SMTP.
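The forwarding problem the answer refers to can be shown with a small added example (not part of the original answer, and not Postfix code). It applies a hypothetical strict rule, "envelope sender and From: header must belong to the connecting host", to three constructed submissions; the host names, addresses and the function `naive_sender_check` are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed samples: (connecting client host, envelope sender given in
# MAIL FROM, raw message). None of these come from the original post's logs.
SAMPLES = [
    # Ordinary local submission: sender matches the submitting host.
    ("server.company.com", "user@server.company.com",
     "From: user@server.company.com\nSubject: report\n\nbody\n"),
    # The situation in the question: the client names another sender.
    ("server.company.com", "vip@company.com",
     "From: vip@company.com\nSubject: Important\n\nmail_content\n"),
    # A legitimate forward: alice's mail passed on by a forwarding host.
    ("forwarder.example.net", "alice@example.org",
     "From: alice@example.org\nSubject: hello\n\nforwarded body\n"),
]


def domain(addr):
    """Return the lower-cased domain part of an address or From: value."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()


def naive_sender_check(client_host, envelope_from, raw_message):
    """Hypothetical strict policy: accept only when both the envelope sender
    and the From: header belong to the connecting host itself."""
    header_from = message_from_string(raw_message)["From"]
    allowed = client_host.lower()
    return domain(envelope_from) == allowed and domain(header_from) == allowed


def evaluate(samples=SAMPLES):
    """Apply the policy to every sample; True means the mail is accepted."""
    return [naive_sender_check(*s) for s in samples]


if __name__ == "__main__":
    for (host, env, _), ok in zip(SAMPLES, evaluate()):
        print(f"{host:24} MAIL FROM:<{env}> -> {'accept' if ok else 'reject'}")
```

The rule rejects the spoofed submission, but it rejects the legitimate forward as well, because a forwarding host by definition relays mail whose sender belongs to someone else.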
