BLank or null "From" for authenticated users

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
robertvon
Posts: 21
Joined: Wed Sep 21, 2016 1:23 pm
ZCS/ZD Version: ZCS 8.8.15-P42 FOSS

BLank or null "From" for authenticated users

Post by robertvon »

Hello everyone,
I tried to search with Google and here in the forum but I was not able to find directions.

Sometimes the users of our mail system fall into phishing and as a result their accounts are used to send thousands of spam emails.

I recently noticed that spammers are able to send mail (after authenticating with stolen credentials) with a blank sender address (From = <>).

I've implemented the match between FROM address and sasl username as stated here https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
but the case of from = <> is not avoided, while in all other cases it works.

I guess emails with blank sender (from = <>) need to be accepted to follow RFCs but is there a way to prevent an authenticated user from not sending them?

Any hint would be appreciated!

Thanks in advance
Post Reply