1 Topic by Martin (edited by Martin 2017-02-23 17:07:18)

  • Martin
  • Member
  • Offline
  • Registered: 2016-04-27
  • Posts: 20

Topic: [SOLVED] iRedAPD: allow forged address from specifiques sources

As described in the iRedAPD documention, it's possible to allow someone to send email as forged.
But is it possible to allow only specific ISP or web service to send email with forged address?

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.6
- Linux/BSD distribution name and version: Debian 8
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache 2.4
- Manage mail accounts with iRedAdmin-Pro? no
- Related log if you're reporting an issue:
====

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: [SOLVED] iRedAPD: allow forged address from specifiques sources

Martin wrote:

But is it possible to allow only specific ISP or web service to send email with forged address?

iRedAPD doesn't support this.

It might be better to introduce your situation with more details, maybe we can achieve your goal in another way.

3 Reply by Martin

  • Martin
  • Member
  • Offline
  • Registered: 2016-04-27
  • Posts: 20

Re: [SOLVED] iRedAPD: allow forged address from specifiques sources

On my server I have 2 situations in which mail are blocked due to forged addresses:

  • There are old addresses hosted elsewhere which are forwarded to my server. So when an user send an email to an old address forwarded back to my server, the sender is considered as forged address

  • Some users use cloud services which use user's address to send email with their own servers, so these mail are blocked.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: [SOLVED] iRedAPD: allow forged address from specifiques sources

Martin wrote:

There are old addresses hosted elsewhere which are forwarded to my server. So when an user send an email to an old address forwarded back to my server, the sender is considered as forged address

In this case, add IP of this old server to iRedAPD parameter in /opt/iredapd/settings.py like below, then restart iredapd service:

MYNETWORKS = ["xx.xx.xx.xx",  "yy.yy.yy.yy"]
Martin wrote:

Some users use cloud services which use user's address to send email with their own servers, so these mail are blocked.

No simple solution yet, except:

- explicitly allow these users (one by one)
- disable forged sender checking in iRedAPD config file:

CHECK_FORGED_SENDER = False

5 Reply by Martin

  • Martin
  • Member
  • Offline
  • Registered: 2016-04-27
  • Posts: 20

Re: [SOLVED] iRedAPD: allow forged address from specifiques sources

I used "MYNETWORKS" to allow the old server and allowed users one by one in others cases.