Rejecting emails sent by a local user through a third party site

Troy Carpenter troy at carpenter.cx
Fri Feb 15 17:14:48 CET 2008 

Hi all,

I would think this is an easy problem to fix.  Valentines Day here discovered 
what I consider a policy error, at least for my site.  I have looked online 
and do see this mentioned, but I have yet to figure out how to solve it.

Scenario:  Both user1 and user2 are users of my system.  User1 goes (in this 
example) to Hallmark.com to send an ecard to user2.  The ecard shows up with 
these headers:

-----
Received: from mail068.hallmark.com (mail068.hallmark.com [129.33.92.43])
        by mail.carpenter.cx (Postfix) with ESMTP id EC7C2750737
        for <user2 at carpenter.cx>; Thu, 14 Feb 2008 21:39:59 -0500 (EST)
 Received: from localhost.localdomain (hlmkws027.hlmk.boulder.mebs.ihost.com 
[10.15.146.163])
        by mail068.hallmark.com (AIX5.3/8.13.4/8.13.4) with ESMTP id 
m1F2bRj32195540
        for <user2 at carpenter.cx>; Fri, 15 Feb 2008 02:37:27 GMT
 From: <user1 at carpenter.cx>
 To: <user1 at carpenter.cx>
 Subject: A Hallmark E-Card from User One
 Date: Thu, 14 Feb 2008 20:37:27 -0600
 Message-ID: <200802150237.m1F2bRj32195540 at mail068.hallmark.com>
 MIME-Version: 1.0
 Content-Type: multipart/alternative;
        boundary="----=_NextPart_000_0000_01C86FB7.51E30570"
 X-Mailer: Microsoft Office Outlook 11
 Thread-Index: AchvfA6AY1IJ+lCmS7yHY23fbuJtDw==
 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
-----

Kolab is rejecting the message with this info:
-----
From the notification:
Final-Recipient: rfc822; user2 at carpenter.cx
Original-Recipient: rfc822;user2 at carpenter.cx
Action: failed
Status: 5.7.0
Diagnostic-Code: x-unix; Invalid From: header. user1 at carpenter.cx looks like a
    forged sender
-----

This would probably fail for a host of other commercial type sites that send 
information on behalf of another user.

When this originally failed, I had the following setttings in the "Mail Filter 
Settings" section of the administrator webpage:
The two checkboxes were UNCHECKED, and the first radio button was selected 
(NOT the always reject choice).

Later, I checked the second checkbox (Use Sender if available), but that 
didn't change anything.

I would really like to accept these types of emails.

Thanks,
Troy Carpenter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/users/attachments/20080215/1a9bb0ad/attachment.sig>

More information about the users mailing list