Checking From inside the message

akrus akrus at flygroup.st
Mon Dec 22 08:27:30 CET 2014


Hi,

Recently I've received an email with fake 'From' that had my local 
domain inside. To correctly understand what's wrong there, here are 
explanations:
1) my domain is 'flygroup.st'
2) external domain is 'external.org' (just an example)

Sending similar email:
[external.org] # telnet mail.flygroup.st 25
HELO external.org
250 ...
MAIL FROM: <test at external.org>
250 ...
RCPT TO: <anyone at flygroup.st>
250 ...
DATA
Message-ID: <439095212 at external.org>
From: Me <external.org at flygroup.st>
To: <anyone at flygroup.st>
Subject: test
Date: Sun, 21 Dec 2014 13:34:14 -0700
Content-Language: en-us
x-virtual-mta: vmta1
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="UTF-8"
Return-Path: test at external.org
MIME-Version: 1.0

test
.
250 ...

So such email gets delivered fine. And the problem is email client shows 
this email as being sent from local domain (so it's possible to put 
there local fake sender and people would think it's someone from the 
company). I've been checking documentation for both postfix and amavisd, 
also found some discussions on this, but no possible solution. Could you 
point me in a right direction?

Thanks in advance!



More information about the amavis-users mailing list