Hello everyone,
I tried to search with Google and here in the forum but I was not able to find directions.
Sometimes the users of our mail system fall into phishing and as a result their accounts are used to send thousands of spam emails.
I recently noticed that spammers are able to send mail (after authenticating with stolen credentials) with a blank sender address (From = <>).
I've implemented the match between FROM address and sasl username as stated here https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
but the case of from = <> is not avoided, while in all other cases it works.
I guess emails with blank sender (from = <>) need to be accepted to follow RFCs but is there a way to prevent an authenticated user from not sending them?
Any hint would be appreciated!
Thanks in advance