1 Topic by anatomism

  • anatomism
  • Member
  • Offline
  • Registered: 2017-11-15
  • Posts: 2

Topic: Add warning to incoming email from external sources

==== Required information ====
- iRedMail version (check /etc/iredmail-release):  0.9.7
- Linux/BSD distribution name and version: Debian 9
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Does anyone know of a way to insert a warning message into the body of the email for all email received from external mail servers, to the effect of "Warning, this email originated from outside of MY COMPANY'S network, please exercise caution when opening links".

This is mainly to help prevent spoofing when mails are sent from external addresses, pretending to be an internal user. I already have SPF and DKIM setup to prevent spoofing on the actual domain, but it doesn't stop emails coming from @comcast.net etc.

Thanks

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,163

Re: Add warning to incoming email from external sources

anatomism wrote:

This is mainly to help prevent spoofing when mails are sent from external addresses, pretending to be an internal user.

This should be rejected by iRedAPD plugin "reject_sender_login_mismatch". Do you have it enabled in /opt/iredapd/settings.py?

3 Reply by anatomism

  • anatomism
  • Member
  • Offline
  • Registered: 2017-11-15
  • Posts: 2

Re: Add warning to incoming email from external sources

ZhangHuangbin wrote:
anatomism wrote:

This is mainly to help prevent spoofing when mails are sent from external addresses, pretending to be an internal user.

This should be rejected by iRedAPD plugin "reject_sender_login_mismatch". Do you have it enabled in /opt/iredapd/settings.py?

Hi Zhang,

Thanks for the reply, but that's not what I mean.  Sure if someone tries to use the email Joe.bloggs@mycompany.com then it will be rejected, but if someone uses the name Joe Bloggs, but the email Joe.bloggs@gmail.com it will obviously come through, but some of my users aren't diligent enough to check the actual address, and only go by the send Firstname Lastname of the person. Thats what I'm trying to avoid by adding the warning that it originated outside of our mail server

Thanks

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,163

Re: Add warning to incoming email from external sources

You may need a milter program to check the sender addresses in email message.

iRedAPD doesn't get mail headers or mail body, it just gets some info of the smtp session. Check this document to see what it gets:
http://www.postfix.org/SMTPD_POLICY_README.html