Re-enable sender access check to prevent source spoofing

2025-10-30 23:37:43 +02:00 · 2018-10-07 01:52:01 +02:00
parent f3f0b98755
commit fc99eb7b34
3 changed files with 14 additions and 0 deletions
--- a/core/admin/mailu/internal/views/postfix.py
+++ b/core/admin/mailu/internal/views/postfix.py
@@ -40,3 +40,15 @@ def postfix_transport(email):
    localpart, domain = email.split('@', 1) if '@' in email else (None, email)
    relay = models.Relay.query.get(domain) or flask.abort(404)
    return flask.jsonify("smtp:[{}]".format(relay.smtp))
+
+
+@internal.route("/postfix/sender/<sender>")
+def postfix_sender(sender):
+    """ Simply reject any sender that pretends to be from a local domain
+    """
+    localpart, domain_name = sender.split('@', 1) if '@' in sender else (None, sender)
+    domain = models.Domain.query.get(domain_name)
+    alternative = models.Alternative.query.get(domain_name)
+    if domain or alternative:
+        return flask.jsonify("REJECT")
+    return flask.abort(404)
--- a/core/postfix/conf/main.cf
+++ b/core/postfix/conf/main.cf
@@ -87,6 +87,7 @@ smtpd_helo_required = yes

 smtpd_client_restrictions =
  permit_mynetworks,
+  check_sender_access ${podop}sender,
  reject_non_fqdn_sender,
  reject_unknown_sender_domain,
  reject_unknown_recipient_domain,
--- a/core/postfix/start.py
+++ b/core/postfix/start.py
@@ -17,6 +17,7 @@ def start_podop():
 		("alias", "url", "http://admin/internal/postfix/alias/§"),
 		("domain", "url", "http://admin/internal/postfix/domain/§"),
        ("mailbox", "url", "http://admin/internal/postfix/mailbox/§"),
+        ("sender", "url", "http://admin/internal/postfix/sender/§")
    ])

 convert = lambda src, dst: open(dst, "w").write(jinja2.Template(open(src).read()).render(**os.environ))