c***@avantguardsystems.com
2020-04-21 00:58:23 UTC
I've discovered that authenticated users can send an email from an address that is not the server's official domain. For example: ***@mydomain.com can have ***@outlook.com put in the From and Return-Path fields. Not good. I have yet to determine whether the user name (in this case 'user') has to be exactly the same or not. Part of the problem may be that I never required users to use the entire address field to authenticate. That is they log in with just 'user' and not '***@mydomain.com'. Maybe that would prevent this issue.
Anyhow, based on research over the web a solution involves installing postfix-pcre. But when I try that it complains that postfix is the wrong version. In this case, postfix is version 3.3.0-1ubuntu0.2: whereas postfix-pcre requires v. 3.3.0-1ubuntu0.1. Maybe this more a question for the Ubuntu team, but has anyone else dealt with this issue?
Or perhaps someone knows a way to solve my problem without postfix-pcre
Anyhow, based on research over the web a solution involves installing postfix-pcre. But when I try that it complains that postfix is the wrong version. In this case, postfix is version 3.3.0-1ubuntu0.2: whereas postfix-pcre requires v. 3.3.0-1ubuntu0.1. Maybe this more a question for the Ubuntu team, but has anyone else dealt with this issue?
Or perhaps someone knows a way to solve my problem without postfix-pcre