# postfix: reject mail from:<>

## pahud

Sorry to ask the question here, but I just failed to subscribe 

postfix mailing list. My question is, how to reject smtp 

client which use mail from:<> as its sender address? 

I've noticed that most of the mail servers will accept 

mails likethat. I read

http://www.postfix.org/uce.html#smtpd_sender_restrictions

but can't find any way to do so. Ideas?

----------

## vicay

 *pahud wrote:*   

> Sorry to ask the question here, but I just failed to subscribe 
> 
> postfix mailing list. My question is, how to reject smtp 
> 
> client which use mail from:<> as its sender address? 
> ...

 

Hello,

it's part of the SMTP RFC, that a SMTP-server has to accept

an Envelope Sender Address of "<>". 

Best regards

vicay

----------

## pahud

 *vicay wrote:*   

> 
> 
> Hello,
> 
> it's part of the SMTP RFC, that a SMTP-server has to accept
> ...

 

Well, then anyone can use this "standard" to spam the mail server.

Something like

```
MAIL FROM: <>

RCPT TO: <non_exist_user@my.domain.com>

DATA

```

Then the mail server will bounce this mail to postmaster, which is very annoying and that's why I need to find some tricks to aviod mails like this. If postfix has problem to avoid this in its configuration, is it possible to use header check or whatever filtering feature to avoid this?

----------

## vicay

 *pahud wrote:*   

> 
> 
> Well, then anyone can use this "standard" to spam the mail server.
> 
> Something like
> ...

 

Hello again,

You might configure your mailsystem that it doesn't accept

mail for unknown local users. So the "spammer" isn't able to

to progress further that RCPT TO:

Additionally everybody can send a mail to postmaster@domain.

he does not need a From-address of <>  :Smile: 

best regards

vicayLast edited by vicay on Wed Jan 22, 2003 7:25 am; edited 1 time in total

----------

## pahud

 *vicay wrote:*   

> 
> 
> You might configure your mailsystem that it doesn't accept
> 
> mail for unknown local users. So the "spammer" isn't able to
> ...

 

The queston is that the spammer always knows valid user account in the mail server hence they spam the accounts successfully with empty sender address.

In this case, what can I do to avoid that?

----------

## vicay

 *pahud wrote:*   

> 
> 
> The queston is that the spammer always knows valid user account in the mail server hence they spam the accounts successfully with empty sender address.
> 
> In this case, what can I do to avoid that?

 

ok, if the spammer knows valid useraccounts

to send mail to,

it does not matter per default , WHAT From-address he uses.

so the <>  is not the problem. 

You might want to use some smtpd_recipient_restrictions and 

RBL-lookups. just have a look into the sample-smtpd.cf

that ships with postfix.

best regards

vicay

----------

## Xor

please stop discussing <> matters, if ask for troubles do a pcre table and DISCARD anything from MAILER-DAEMON and <>.... have a lot of fun....

anyhow, the righ way would be to take a look at the sample-smtpd.cf file... there are a lot of restrictions, turn them on and you won't receive any SPAM anymore.... but also no mail from lousy configured MTAs... which usually indicate SPAM source....

----------

## splooge

Here's what I added in my main.cf, maybe it'll help

```
smtpd_helo_required = yes

smtpd_delay_reject = no

maps_rbl_domains = relays.visi.com,

                   relays.ordb.org,

                   blackholes.mail-abuse.org,

                   relays.osirusoft.com

smtpd_recipient_restrictions =

                reject_invalid_hostname,

                reject_unknown_sender_domain,

                reject_unknown_recipient_domain,

                reject_unauth_pipelining,

                permit_mynetworks,

                reject_non_fqdn_hostname,

                reject_unauth_destination,

                reject_maps_rbl,

                check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,

                check_sender_access hash:/etc/postfix/sender_checks,

                check_client_access hash:/etc/postfix/client_checks,

                permit

smtpd_sender_restrictions =

                reject_unknown_sender_domain
```

Locally it still allows relay access, but when I ssh out to another box on the net and telnet back in to the smtp port and do all the commands myself, I get:

```
[splooge@mrnice splooge]$ telnet mail.pwned.com 25

Trying 64.175.123.217...

Connected to mail.pwned.com.

Escape character is '^]'.

220 mail.pwned.com ESMTP Postfix

ehlo somedomain.com

250-mail.pwned.com

250-PIPELINING

250-SIZE 10240000

250-VRFY

250-ETRN

250-XVERP

250 8BITMIME

mail from:<>

250 Ok

rcpt to:<someuser@somedomain.com>

554 <someuser@somedomain.com>: Relay access denied
```

----------

