
Comments (12)

dragoangel commented on August 22, 2024

The fact that postfix accepted the email doesn't say anything. No confirmation or diffs provided. Mailcow has spoofed unauth with a score of 50. This effectively rejects all mail. If you have quarantine, it will be accepted and put there. Without details from the rspamd scan results, the ticket is not finished. It's a question for support, not for GitHub issues.

from mailcow-dockerized.

dragoangel commented on August 22, 2024

You have, for example, sendgrid or anything else that is allowed to send as your domain validly to your own domain, and you have your MX pointed to mailcow; mail to you will go to the MX, so to mailcow. Why would they have to be rejected?

If DMARC is passing, mail should be accepted; in mailcow it is even stricter than this: emails only from trusted or whitelisted hosts are allowed. Spoofing is handled for the MIME From; the envelope from doesn't matter, as users don't care about it. To pass DMARC, at least SPF or DKIM should exist; this has nothing to do with SASL auth, and this is what postfix can't check by itself and what rspamd is verifying. Please do not throw around stuff about open relay, this totally does not fit here, as an open relay is https://en.m.wikipedia.org/wiki/Open_mail_relay - a server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. If you want a holy war, let's continue in the community.

I still do not see your diffs and rspamd logs.

func0der commented on August 22, 2024

If Rspamd is responsible for these kinds of things, this issue is obsolete. I have disabled it for this test, because I wanted to isolate the issue. Obviously not the right thing to do :)
Thanks for your time.

esackbauer commented on August 22, 2024

What did rspamd or postfix say to this spoofed mail? It should check your SPF record and either reject or at least mark as spam.

dragoangel commented on August 22, 2024

Not the case.

func0der commented on August 22, 2024

Why would postfix accept emails for sending that are coming from an unauthorized sender from a domain that it itself manages?

Do you see rspamd responsible for rejecting not properly authorized mails in the mailcow setup? If so, why? Why not postfix?

If rspamd is responsible, the issue is a different one.

> It's a question for support, not for GitHub issues.

Maybe if we can clarify on intended setup and who and what is responsible for spoof prevention, the 'issue' becomes more apparent. At least for me, postfix should not allow it. As for you, I am not sure yet until the role of 'rspamd' is clarified.

> What did ... postfix say to this spoofed mail?

The log for the specific email is in the first post.
If there should be more, please let me know where to find it.

> It should check your SPF record and either reject or at least mark as spam.

If a mail is spoof-sent from and to the same domain and is marked as "spam", a user would have it in their inbox or, better, their "spam" folder in most cases. Barely anyone can allow themselves to 'lose' mail, so it will be delivered one way or another. In the spam folder there is no 'scale' of spam. It is either 'spam' or a 'false positive'. That is what users have learned.
Let's say you are in a company setting. People would check their spam folder from time to time and find an email from their boss. If the claim is not too outrageous they would automatically assume that the mail is not spam and take it as a 'false positive'.

This does not seem to be a safe way to go about spoofed emails, does it?

I will produce some rspamd logs and attach them asap.

dragoangel commented on August 22, 2024

Postfix is not capable of such checks in general; please check what you are asking before writing bug reports. There are no bugs of the kind you are speaking about. For a mail system it's totally fine to be distributed, and it's a totally valid case when server A sends mail to server B with an envelope from that already exists on server B. I am not willing to explain SMTP basics in the GitHub issues; you are missing basic knowledge about how SMTP authentication works, unfortunately.

func0der commented on August 22, 2024

> Postfix is not capable of such checks in general,

What is smtpd_sender_restrictions with reject_sender_login_mismatch, if not that, then?
How is it valid, even in a distributed case, that a mail server without any allow list just accepts mails for domains that it is responsible for without proper authentication or authorization?
Isn't that just an open relay?

I have set up servers that do not allow existing mailboxes to be used as the From if there is not a valid SASL authentication. There was no rspamd or similar in the mix, just plain postfix.

If you do not want to explain it, I would appreciate a pointer into appropriate documentation. :) Because from what I read from the postfix docs, it is possible.
I do want to understand :D

P.S.: I will also take it in German, if that is easier :)

dragoangel commented on August 22, 2024

# Spoofed header from and broken policy (excluding sieve host, rspamd host, whitelisted senders, authenticated senders and forward hosts)
SPOOFED_UNAUTH {
  expression = "!MAILCOW_AUTH & !MAILCOW_WHITE & !RSPAMD_HOST & !SIEVE_HOST & MAILCOW_DOMAIN_HEADER_FROM & !WHITELISTED_FWD_HOST & -g+:policies";
  score = 50.0;
}

from mailcow-dockerized.
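An added example, not part of the thread or of mailcow's code: a small Python model contrasting an envelope-only check in the style of Postfix's reject_sender_login_mismatch with the SPOOFED_UNAUTH composite quoted above. The addresses, the one-owner-per-address map and the `POLICY_FAIL` symbol (a stand-in for `-g+:policies`, read here as "a positive-scored symbol from the policies group fired") are assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

LOCAL_DOMAINS = {"example.org"}            # constructed hosted domain
OWNERS = {"boss@example.org": "boss"}      # constructed sender -> SASL login map
EXEMPT = {"MAILCOW_AUTH", "MAILCOW_WHITE", "RSPAMD_HOST",
          "SIEVE_HOST", "WHITELISTED_FWD_HOST"}

def envelope_check(mail_from, sasl_user):
    """Simplified reject_sender_login_mismatch: sees only the envelope MAIL FROM."""
    owner = OWNERS.get(mail_from.lower())
    if sasl_user is None:
        return "reject" if owner else "permit"
    return "permit" if owner == sasl_user else "reject"

def symbols_for(raw, sasl_user, policy_failed):
    """Derive the symbols the composite reads. policy_failed is supplied by the
    caller because SPF/DKIM/DMARC cannot be evaluated offline."""
    header_from = parseaddr(message_from_string(raw)["From"])[1]
    syms = set()
    if sasl_user:
        syms.add("MAILCOW_AUTH")
    if header_from.rpartition("@")[2].lower() in LOCAL_DOMAINS:
        syms.add("MAILCOW_DOMAIN_HEADER_FROM")
    if policy_failed:
        syms.add("POLICY_FAIL")   # hypothetical stand-in for -g+:policies
    return syms

def spoofed_unauth(syms):
    """The composite's boolean expression over a set of fired symbols."""
    return (not syms & EXEMPT
            and "MAILCOW_DOMAIN_HEADER_FROM" in syms
            and "POLICY_FAIL" in syms)

def verdicts(mail_from, raw, sasl_user=None, policy_failed=False):
    """Return (envelope-only verdict, composite fired?) for one delivery."""
    return (envelope_check(mail_from, sasl_user),
            spoofed_unauth(symbols_for(raw, sasl_user, policy_failed)))

# Constructed sample message with a local header From.
MSG = "From: Boss <boss@example.org>\nTo: staff@example.org\nSubject: hi\n\nbody\n"

if __name__ == "__main__":
    # Foreign envelope, local header From, policies fail: only the composite fires.
    print(verdicts("x@outside.example", MSG, policy_failed=True))
    # Unauthenticated third-party sender, policies pass, local envelope:
    # only the envelope check objects.
    print(verdicts("boss@example.org", MSG))
    # Authenticated owner: both allow.
    print(verdicts("boss@example.org", MSG, sasl_user="boss"))
```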

dragoangel commented on August 22, 2024

> I have set up servers that do not allow existing mailboxes to be used as the From if there is not a valid SASL authentication. There was no rspamd or similar in the mix, just plain postfix.

And by this you break the RFC and many valid use cases which are working in mailcow. Plus, from what you are saying, you don't see the difference between envelope and MIME from, which are totally different things.

dragoangel commented on August 22, 2024

Sorry, but this is not even fun. You continue to counter-argue after I clearly said in the second message that it's rspamd's responsibility, and you can't say you dropped one of the core modules? Such things should be said in the description.

func0der commented on August 22, 2024

I will do better next time :) Thanks for your continued feedback.
