Allow specific users to send email from any address

master
Florent Daigniere 3 years ago
parent 6ea4e3217a
commit 3471ebb214

@ -32,6 +32,7 @@ DEFAULT_CONFIG = {
'DOMAIN': 'mailu.io',
'HOSTNAMES': 'mail.mailu.io,alternative.mailu.io,yetanother.mailu.io',
'POSTMASTER': 'postmaster',
'WILDCARD_SENDERS': '',
'TLS_FLAVOR': 'cert',
'INBOUND_TLS_ENFORCE': False,
'AUTH_RATELIMIT': '10/minute;1000/hour',

@ -133,10 +133,13 @@ def postfix_sender_map(sender):
@internal.route("/postfix/sender/login/<path:sender>")
def postfix_sender_login(sender):
has_wildcard_senders = bool(flask.current_app.config["WILDCARD_SENDERS"])
wildcard_senders = flask.current_app.config["WILDCARD_SENDERS"].lower().split(',') if has_wildcard_senders else []
localpart, domain_name = models.Email.resolve_domain(sender)
if localpart is None:
return flask.abort(404)
return flask.jsonify(",".join(wildcard_senders)) if has_wildcard_senders else flask.abort(404)
destination = models.Email.resolve_destination(localpart, domain_name, True)
destination = [*destination, *wildcard_senders] if destination else [*wildcard_senders]
return flask.jsonify(",".join(destination)) if destination else flask.abort(404)

@ -37,6 +37,8 @@ The ``POSTMASTER`` is the local part of the postmaster email address. It is
recommended to setup a generic value and later configure a mail alias for that
address.
The ``WILDCARD_SENDERS`` setting is a comma delimited list of user email addresses that are allowed to send emails from any address (spoofing the sender).
The ``AUTH_RATELIMIT`` holds a security setting for fighting attackers that
try to guess user passwords. The value is the limit of failed authentication attempts
that a single IP address can perform against IMAP, POP and SMTP authentication endpoints.

@ -0,0 +1 @@
Allow specific users to send emails from any address using the WILDCARD_SENDERS setting
Loading…
Cancel
Save