Page 1 of 1
How to block mail if Return-Path: and From: are not same
Posted: Sat Jul 10, 2010 2:45 am
by sadiq007
to avoid spam i want block mail for which Return-Path: and From: are not same.how can i do that?
because we are getting spam mail for our our users with sent address of our domain but with different Return-Path:
so i want block such kind of mails....
another is there any way to block mail which having perticular word in there subject or body ...for all users.
for example i want all mail which containing word "******" in there subject or body part for my all users.
How to block mail if Return-Path: and From: are not same
Posted: Sat Jul 10, 2010 3:38 am
by uxbod
How to block mail if Return-Path: and From: are not same
Posted: Sat Jul 10, 2010 7:09 am
by sadiq007
hi UX,
As per your suggested link i am going to download script from Perl | package FromNotReturnPath; us - Ivan Korotkov - 0m9CYxzV - Pastebin.com
as there is no plugin folder in /spamassassin so i am going to create it , and will save this script as FromNotReturnPath.pm then i will add following lines in to /opt/zimbra/conf/spamassassin/newpre.pre
loadplugin FromNotReturnPath plugins/FromNotReturnPath.pm
header FROM_NOT_RETURN_PATH eval:check_for_from_not_return_path()
describe FROM_NOT_RETURN_PATH From: does not match Return-path:
then i will do following changes in salocal.cf
header __FROM_MYDOMAIN From =~ /@MYDOMAIN.com/i
meta FAKE_MYDOMAIN_ANNOUNCE (__FROM_MYDOMAIN && FROM_NOT_RETURN_PATH)
describe FAKE_MYDOMAIN_ANNOUNCE Fake mail from MYDOMAIN account management
score FAKE_MYDOMAIN_ANNOUNCE 40.0
Plz correct me if i am wrong anywhere..
BUT Ivan in that forum saying-
I'd recommend using it in conjunction with spamming domain (because, technically, return-path does not always equal From even in legitimate e-mail; maillists are counter-example).
So it means this rules will apply to all mails which are coming to my mail server and there Return-path and From address are not same...if this is right then as per him it will create problem incase of mails are from known mailing-lists
So is it possible that this rule will apply to only for my domain only, i mean if the mail have from-path of my domain and not having return-path of my domain then and then only it will be apply.
Re: How to block mail if Return-Path: and From: are not same
Posted: Sat Nov 18, 2017 2:43 pm
by barrydegraaff
One solution is here:
https://iomarmochtar.wordpress.com/2017 ... om-header/
https://github.com/iomarmochtar/zmbr_check_sender
It uses Milter a postfix extension and compares the users rights in LDAP with what the user is doing
and rejects false FROM. This solution works on 8.7.11 (I tested)
Another solution is here:
https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
However some people have reported this solution does not work, anyway I cannot read that wiki
page. Too much headache.
Re: How to block mail if Return-Path: and From: are not same
Posted: Thu Jun 28, 2018 1:12 pm
by Adiyal
It uses Milter a postfix extension and compares the users rights in LDAP with what the user is doing
and rejects false FROM. This solution works on 8.7.11 (I tested)
it's not working on latest version.
Release 8.8.8_GA_2009.RHEL7_64_20180322150747 RHEL7_64 FOSS edition, Patch 8.8.8_P6.
is there any way to block the return-path from header ?
Re: How to block mail if Return-Path: and From: are not same
Posted: Mon Aug 20, 2018 6:22 am
by barrydegraaff
Milter probably still works, perhaps a binary changed location.
Did you check the log? Also I filed an issue here to track any progress from the forum.
https://github.com/Zimbra-Community/mai ... s/issues/5