scottk/Mailu
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/Mailu.git synced 2025-11-02 02:57:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove the strict anti-spoofing rule.

Browse Source
This commit is contained in:
Florent Daigniere
2022-10-18 15:58:53 +02:00
parent 48e1e91a2c
commit 3e51d15b03
3 changed files with 1 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
core/admin/mailu/internal/views/postfix.py
View File

@@ -158,21 +158,6 @@ def postfix_sender_rate(sender):
user = models.User.get(sender) or flask.abort(404)
return flask.abort(404) if user.sender_limiter.hit() else flask.jsonify("450 4.2.1 You are sending too many emails too fast.")
@internal.route("/postfix/sender/access/<path:sender>")
def postfix_sender_access(sender):
""" Simply reject any sender that pretends to be from a local domain
"""
if '@' in sender:
if sender.startswith('<') and sender.endswith('>'):
sender = sender[1:-1]
try:
localpart, domain_name = models.Email.resolve_domain(sender)
if models.Domain.query.get(domain_name):
return flask.jsonify("REJECT")
except sqlalchemy.exc.StatementError:
pass
return flask.abort(404)
# idna encode domain part of each address in list of addresses
def idna_encode(addresses):
return [

1
core/postfix/conf/main.cf
View File

@@ -110,7 +110,6 @@ check_ratelimit = check_sasl_access ${podop}senderrate
smtpd_client_restrictions =
permit_mynetworks,
check_sender_access ${podop}senderaccess,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,

1
towncrier/newsfragments/2475.feature Normal file
View File

@@ -0,0 +1 @@
Remove the strict anti-spoofing rule. In 2022 we should have other controls (SPF/DKIM) for dealing with authorization and shouldn't assume that Mailu is the only MTA allowed to send emails on behalf of the domains it hosts.