1 (edited by pawawat 2016-03-23 14:22:51)

Topic: mismatch From: mail header

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.4
- Linux/BSD distribution name and version: centos6.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): APACHE
- Manage mail accounts with iRedAdmin-Pro?: yes
- Related log if you're reporting an issue:
====

I have an account abc@test.com. I've tried sending email via outlook 2016 by changing "From section" from  abc@test.com to xyz@test.com. iredmail allow me to spoof fake "from:" email header. ( I've enabled reject_sender_login_mismatch ). How can I prevent this situation to happen?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: mismatch From: mail header

Do you have any setting for plugin 'reject_sender_login_mismatch' in /opt/iredapd/settings.py? Please show us output of command:

grep 'ALLOWED_' /opt/iredapd/settings.py