[Kolab-devel] fake sender protection (Is: Mail Filter Settings, explain please.)

Fri May 6 14:01:12 CEST 2011

Am Donnerstag, 21. April 2011 16:33:23 schrieb Robert Baldwin:
> What do these settings actually do? I am unable to determine this from
> the description.

In addition to what Christoph has already answered:
The goal is that if a sender address is displayed,
there is some trust that it is not faked.

For example SMTP usually allows people to send anything as From:-header line, 
even when you are authenticated. As example if you are authenticated
as Robert towards your SMTP server, you can then send a header which will make 
your email displayed like it was send by "Doug Finch <dfinch at bynari.net>".

The mail filter in questions tries to prevent this 
and the settings you have asked for tune its behaviour in the details.

Consider the technical idea that we can control emails within our own
installation, so we know if a user connects authenticated, which email 
addresses the user is allowed to use for the from:-header. This gets checked
by comparing envelope to header "from"-address.

Somebody from the outside could not create something from my domain,
but if an email is send to a mailinglist first and cames back, the email
was not under our control. So there is an options to mark this email 
from:-header that is is unchecked.

> Check messages for mismatching From header and envelope from:
> enabled: kolabfilter-verify-from-header: TRUE
> disabed: kolabfilter-verify-from-header: FALSE

This is the on-off for the fake protection.
Recommendation: On.

> Use the Sender header instead of From for the above checks if Sender is
> present :
> enabled: kolabfilter-allow-sender-header: TRUE
> disabled: kolabfilter-allow-sender-header: FALSE

Compare envelop with "Sender:"-header if it exist in some conditions.
See the RFCs for Sender:-header, but not that not all email clients
will display it correctly.

> Action to take for messages that fail the check: :
> Reject the message, except if it originates from the outside and the
>    From header matches one of Kolab server's domains. In that case rewrite
> the From header so the recipient can see the potential forgery.
> selected: kolabfilter-reject-forged-from-header: FALSE

So we mark the from:-header:
Recommendation: on. You may want to tune the inserted text, though.

> Always reject the message. Note that enabling this setting will make the
> server reject any mail with non-matching sender and From header if the
> sender is an account on this server. This is known to cause trouble for
> example with mailinglists.
> selected: kolabfilter-reject-forged-from-header: TRUE

This will reject posts like the one from the mailinglist.

This is how it should work, then there can be defects of course. :)
Bernhard

-- 
Managing Director - Owner: www.intevation.net       (Free Software Company)
Deputy Coordinator Germany: fsfe.org. Board member: www.kolabsys.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/devel/attachments/20110506/652fe3c5/attachment.sig>