lub
/
mailu
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Remove the strict anti-spoofing rule.

Browse Source
main
Florent Daigniere 2 years ago
parent 48e1e91a2c
commit 3e51d15b03
3 changed files with 1 additions and 16 deletions
Show Stats Download Patch File Download Diff File

15
core/admin/mailu/internal/views/postfix.py
Unescape Escape View File

@ -158,21 +158,6 @@ def postfix_sender_rate(sender):
user = models.User.get(sender) or flask.abort(404)
return flask.abort(404) if user.sender_limiter.hit() else flask.jsonify("450 4.2.1 You are sending too many emails too fast.")
@internal.route("/postfix/sender/access/<path:sender>")
def postfix_sender_access(sender):
""" Simply reject any sender that pretends to be from a local domain
"""
if '@' in sender:
if sender.startswith('<') and sender.endswith('>'):
sender = sender[1:-1]
try:
localpart, domain_name = models.Email.resolve_domain(sender)
if models.Domain.query.get(domain_name):
return flask.jsonify("REJECT")
except sqlalchemy.exc.StatementError:
pass
return flask.abort(404)
# idna encode domain part of each address in list of addresses
def idna_encode(addresses):
return [

1
core/postfix/conf/main.cf
Unescape Escape View File

@ -110,7 +110,6 @@ check_ratelimit = check_sasl_access ${podop}senderrate
smtpd_client_restrictions =
permit_mynetworks,
check_sender_access ${podop}senderaccess,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,

1
towncrier/newsfragments/2475.feature
Unescape Escape View File

@ -0,0 +1 @@
Remove the strict anti-spoofing rule. In 2022 we should have other controls (SPF/DKIM) for dealing with authorization and shouldn't assume that Mailu is the only MTA allowed to send emails on behalf of the domains it hosts.
Write Preview
Loading…
Cancel
Save