Hello!
I want to block sending mails from authorized users with fake "FROM" attribute in letters.
After googling, I found these articles:
1) https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
2) https://wiki.zimbra.com/wiki/Prevent_Se ... meone_Else
Please explain what the difference between these methods is.
Do I need to perform both or just one?
Enforcing a match between FROM address and sasl username
Re: Enforcing a match between FROM address and sasl username
The first method sets a rule that refuses the connection if the sasl_username used to authenticate on your MTA differs from the MAIL FROM: line of the envelope.
Basically, if someone steals your credentials, they can authenticate as you@yourdomain.com and then send a lot of spam to internal accounts as buyviagra@mydomain.com.
This rule binds to send as the authenticated user.
The second method is similar but operates at the body level and not at the envelope. zimbraAllowAnyFromAddress set to TRUE allows a user authenticated as you@yourdomain.com to set a different header in your body like:
From: Spam Boy <superspambot@secretsite.gov>
If set to false, the user can use only his account name.
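The two checks described in the reply above, modelled side by side as an added example (not code from the thread, from Zimbra or from Postfix). The function names and sample submissions are constructed for illustration, and the model assumes an account may send only as its own login name, ignoring aliases and delegated addresses.

```python
from email import message_from_string
from email.utils import parseaddr

def envelope_check(sasl_username, mail_from):
    """Method 1: the envelope MAIL FROM must equal the authenticated login."""
    return sasl_username.lower() == mail_from.lower()

def header_check(sasl_username, raw_message, allow_any_from=False):
    """Method 2: the From: header must be the account's own address,
    unless the allow-any-from setting is TRUE (modelled by allow_any_from)."""
    if allow_any_from:
        return True
    msg = message_from_string(raw_message)
    _, addr = parseaddr(msg.get("From", ""))
    return addr.lower() == sasl_username.lower()

def evaluate(sasl_username, mail_from, raw_message, allow_any_from=False):
    """Report which of the two checks a submission would pass."""
    return {
        "envelope_ok": envelope_check(sasl_username, mail_from),
        "header_ok": header_check(sasl_username, raw_message, allow_any_from),
    }

# Constructed sample submissions, all authenticated as the same account.
LOGIN = "you@yourdomain.com"
SAMPLES = {
    "honest": (LOGIN,
               "From: You <you@yourdomain.com>\nSubject: hi\n\nbody\n"),
    "envelope_spoof": ("buyviagra@mydomain.com",
                       "From: You <you@yourdomain.com>\nSubject: hi\n\nbody\n"),
    "header_spoof": (LOGIN,
                     "From: Spam Boy <superspambot@secretsite.gov>\n"
                     "Subject: hi\n\nbody\n"),
}

def run_samples(allow_any_from=False):
    """Evaluate every constructed sample under the given header policy."""
    return {name: evaluate(LOGIN, mail_from, raw, allow_any_from)
            for name, (mail_from, raw) in SAMPLES.items()}

if __name__ == "__main__":
    for name, result in run_samples().items():
        print(f"{name:15} {result}")
```

Each spoofed sample fails exactly one check: the envelope rule does not look at the From: header, and the header rule does not look at MAIL FROM.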