Allow specific users to send email from any address

core/admin/mailu/configuration.py

@@ -32,6 +32,7 @@ DEFAULT_CONFIG = {
     'DOMAIN': 'mailu.io',
     'HOSTNAMES': 'mail.mailu.io,alternative.mailu.io,yetanother.mailu.io',
     'POSTMASTER': 'postmaster',
+    'WILDCARD_SENDERS': '',
     'TLS_FLAVOR': 'cert',
     'INBOUND_TLS_ENFORCE': False,
     'AUTH_RATELIMIT': '1000/minute;10000/hour',

core/admin/mailu/internal/views/postfix.py

@@ -133,10 +133,13 @@ def postfix_sender_map(sender):
 
 @internal.route("/postfix/sender/login/<path:sender>")
 def postfix_sender_login(sender):
+    has_wildcard_senders = bool(flask.current_app.config["WILDCARD_SENDERS"])
+    wildcard_senders = flask.current_app.config["WILDCARD_SENDERS"].lower().split(',') if has_wildcard_senders else []
     localpart, domain_name = models.Email.resolve_domain(sender)
     if localpart is None:
-        return flask.abort(404)
+        return flask.jsonify(",".join(wildcard_senders)) if has_wildcard_senders else flask.abort(404)
     destination = models.Email.resolve_destination(localpart, domain_name, True)
+    destination = [*destination, *wildcard_senders] if destination else [*wildcard_senders]
     return flask.jsonify(",".join(destination)) if destination else flask.abort(404)
 
 

docs/configuration.rst

@@ -37,6 +37,8 @@ The ``POSTMASTER`` is the local part of the postmaster email address. It is
 recommended to setup a generic value and later configure a mail alias for that
 address.
 
+The ``WILDCARD_SENDERS`` setting is a comma delimited list of user email addresses that are allowed to send emails from any address (spoofing the sender).
+
 The ``AUTH_RATELIMIT`` holds a security setting for fighting attackers that
 try to guess user passwords. The value is the limit of failed authentication attempts
 that a single IP address can perform against IMAP, POP and SMTP authentication endpoints.

towncrier/newsfragments/1096.feature

@@ -0,0 +1 @@
+Allow specific users to send emails from any address using the WILDCARD_SENDERS setting