to avoid spam i want block mail for which Return-Path: and From: are not same.how can i do that?
because we are getting spam mail for our our users with sent address of our domain but with different Return-Path:
so i want block such kind of mails....
another is there any way to block mail which having perticular word in there subject or body ...for all users.
for example i want all mail which containing word "******" in there subject or body part for my all users.
How to block mail if Return-Path: and From: are not same
How to block mail if Return-Path: and From: are not same
hi UX,
As per your suggested link i am going to download script from Perl | package FromNotReturnPath; us - Ivan Korotkov - 0m9CYxzV - Pastebin.com
as there is no plugin folder in /spamassassin so i am going to create it , and will save this script as FromNotReturnPath.pm then i will add following lines in to /opt/zimbra/conf/spamassassin/newpre.pre
loadplugin FromNotReturnPath plugins/FromNotReturnPath.pm
header FROM_NOT_RETURN_PATH eval:check_for_from_not_return_path()
describe FROM_NOT_RETURN_PATH From: does not match Return-path:
then i will do following changes in salocal.cf
header __FROM_MYDOMAIN From =~ /@MYDOMAIN.com/i
meta FAKE_MYDOMAIN_ANNOUNCE (__FROM_MYDOMAIN && FROM_NOT_RETURN_PATH)
describe FAKE_MYDOMAIN_ANNOUNCE Fake mail from MYDOMAIN account management
score FAKE_MYDOMAIN_ANNOUNCE 40.0
Plz correct me if i am wrong anywhere..
BUT Ivan in that forum saying-
I'd recommend using it in conjunction with spamming domain (because, technically, return-path does not always equal From even in legitimate e-mail; maillists are counter-example).
So it means this rules will apply to all mails which are coming to my mail server and there Return-path and From address are not same...if this is right then as per him it will create problem incase of mails are from known mailing-lists
So is it possible that this rule will apply to only for my domain only, i mean if the mail have from-path of my domain and not having return-path of my domain then and then only it will be apply.
As per your suggested link i am going to download script from Perl | package FromNotReturnPath; us - Ivan Korotkov - 0m9CYxzV - Pastebin.com
as there is no plugin folder in /spamassassin so i am going to create it , and will save this script as FromNotReturnPath.pm then i will add following lines in to /opt/zimbra/conf/spamassassin/newpre.pre
loadplugin FromNotReturnPath plugins/FromNotReturnPath.pm
header FROM_NOT_RETURN_PATH eval:check_for_from_not_return_path()
describe FROM_NOT_RETURN_PATH From: does not match Return-path:
then i will do following changes in salocal.cf
header __FROM_MYDOMAIN From =~ /@MYDOMAIN.com/i
meta FAKE_MYDOMAIN_ANNOUNCE (__FROM_MYDOMAIN && FROM_NOT_RETURN_PATH)
describe FAKE_MYDOMAIN_ANNOUNCE Fake mail from MYDOMAIN account management
score FAKE_MYDOMAIN_ANNOUNCE 40.0
Plz correct me if i am wrong anywhere..
BUT Ivan in that forum saying-
I'd recommend using it in conjunction with spamming domain (because, technically, return-path does not always equal From even in legitimate e-mail; maillists are counter-example).
So it means this rules will apply to all mails which are coming to my mail server and there Return-path and From address are not same...if this is right then as per him it will create problem incase of mails are from known mailing-lists
So is it possible that this rule will apply to only for my domain only, i mean if the mail have from-path of my domain and not having return-path of my domain then and then only it will be apply.
- barrydegraaff
- Zimbra Employee
- Posts: 242
- Joined: Tue Jun 17, 2014 3:31 am
- Contact:
Re: How to block mail if Return-Path: and From: are not same
One solution is here:
https://iomarmochtar.wordpress.com/2017 ... om-header/
https://github.com/iomarmochtar/zmbr_check_sender
It uses Milter a postfix extension and compares the users rights in LDAP with what the user is doing
and rejects false FROM. This solution works on 8.7.11 (I tested)
Another solution is here:
https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
However some people have reported this solution does not work, anyway I cannot read that wiki
page. Too much headache.
https://iomarmochtar.wordpress.com/2017 ... om-header/
https://github.com/iomarmochtar/zmbr_check_sender
It uses Milter a postfix extension and compares the users rights in LDAP with what the user is doing
and rejects false FROM. This solution works on 8.7.11 (I tested)
Another solution is here:
https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
However some people have reported this solution does not work, anyway I cannot read that wiki
page. Too much headache.
Re: How to block mail if Return-Path: and From: are not same
It uses Milter a postfix extension and compares the users rights in LDAP with what the user is doingbarrydegraaff wrote:One solution is here:
https://iomarmochtar.wordpress.com/2017 ... om-header/
https://github.com/iomarmochtar/zmbr_check_sender
It uses Milter a postfix extension and compares the users rights in LDAP with what the user is doing
and rejects false FROM. This solution works on 8.7.11 (I tested)
Another solution is here:
https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
However some people have reported this solution does not work, anyway I cannot read that wiki
page. Too much headache.
and rejects false FROM. This solution works on 8.7.11 (I tested)
it's not working on latest version.
Release 8.8.8_GA_2009.RHEL7_64_20180322150747 RHEL7_64 FOSS edition, Patch 8.8.8_P6.
is there any way to block the return-path from header ?
- barrydegraaff
- Zimbra Employee
- Posts: 242
- Joined: Tue Jun 17, 2014 3:31 am
- Contact:
Re: How to block mail if Return-Path: and From: are not same
Milter probably still works, perhaps a binary changed location.
Did you check the log? Also I filed an issue here to track any progress from the forum.
https://github.com/Zimbra-Community/mai ... s/issues/5
Did you check the log? Also I filed an issue here to track any progress from the forum.
https://github.com/Zimbra-Community/mai ... s/issues/5