Postfix: Whitelist sender SMTP Server in header_checks

Discussion in 'Server Operation' started by ValeriaDeR, Dec 23, 2019.

  1. ValeriaDeR

    ValeriaDeR New Member

    Hi all =)
    I'm new here and pretty desperate ...
    I'm trying to whitelist an SMTP server in my postfix header_checks configuration file. To prevent phishing mails, we reject all external mails to our internal network with our company domain as e-mail address. As we have a webshop which sends order verifications with our company domain as e-mail address, we need to whitelist those e-mails. It happens that the sender e-mail addresses change or that there are newly added addresses. Therefore we don't want to whitelist every single e-mail address separately. It'd be much easier to whitelist the webserver. Sadly, it's not working and the e-mails are still being dropped by postfix. The webserver sends e-mails with phpmail().

    Server specifications:
    OS: RHEL7
    Postfix version: 2.10.1

    header_checks:
    Code:
    if /^From:.*\<.*@.*COMPANY.*\..*\>.*/
    /^From:.*WHITELIST_DOMAIN_NAME\.net/                                  DUNNO
    /^Received:.*WHITELIST_DOMAIN_NAME\.net/                              DUNNO
    /.*WHITELIST_DOMAIN_NAME.*/                                           WARN Worked
    /^From:.*@COMPANY.com.*/                                   DISCARD      FAKE ADDRESS
    /^From:.*\<.*@.*COMPANY.*\..*\>.*/                         DISCARD      FAKE ADDRESS AGGRESSIVE
    endif
    Mail Header (as seen as received mail):
    Code:
    [...]
    Received: from WHITELIST_SERVER.WHITELIST_DOMAIN_NAME (WHITELIST_SERVER.WHITELIST_DOMAIN_NAME [WHITELIST_IP_ADDRESS])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
    [...]
    Postfix Logs
    Code:
    Dec 17 16:32:16 MAILSERVER postfix/cleanup[Nr.]: Mail-ID: discard: header From: DISPLAY NAME <MAILADDRESS@COMPANY> from WHITELIST_SERVER.WHITELIST_DOMAIN_NAME[WHITELIST_IP_ADDRESS]; from=<WHITELIST_SERVER.WHITELIST_DOMAIN_NAME> to=<TESTUSER@COMPANY> proto=ESMTP helo=<WHITELIST_SERVER.WHITELIST_DOMAIN_NAME>: FAKE ADDRESS
    Thanks in advance for your help =)
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  3. ValeriaDeR

    ValeriaDeR New Member

    Thank you for your reply.
    I think this sadly only works if I'd use blacklists to reject those mails.
    I'm using header_checks to check certain patterns.
    I've tried to implement the rbl_override but sadly the mails are still being rejected:
    Code:
    [root@MAILSERVER log]# tail -f maillog | grep -i -E WHITELIST_DOMAIN_ADDRESS
    Dec 23 14:13:52 [...] postfix/smtpd[...]: connect from WHITELIST_DOMAIN_AND_IP_ADDRESS
    Dec 23 14:13:52 [...] postfix/smtpd[...]: Anonymous TLS connection established from WHITELIST_DOMAIN_AND_IP_ADDRESS: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
    Dec 23 14:13:52 [...] postfix/smtpd[...]: [...]: client=WHITELIST_DOMAIN_AND_IP_ADDRESS
    Dec 23 14:13:52 [...] postfix/cleanup[...]: [...]: message-id=<...>
    Dec 23 14:13:52 [...] postfix/cleanup[...]: [...]: discard: header From: Shop Support <[email protected]> from WHITELIST_DOMAIN_AND_IP_ADDRESS; from=<web-user@WHITELIST_DOMAIN> to=<[email protected]> proto=ESMTP helo=<WHITELIST_DOMAIN>: FAKE ADDRESS
    Dec 23 14:13:52 [...] postfix/smtpd[...]: disconnect from WHITELIST_DOMAIN_AND_IP_ADDRESS
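
An added example, not part of the thread and not Postfix code: a simplified Python model of how header_checks evaluates the table from the first post, showing why the `Received:` whitelist rule never fires. Postfix matches each logical header on its own, and the `if ... endif` body is only consulted for headers that match the guard. The sample headers, the address `orders@COMPANY.com` and the IP `192.0.2.10` are constructed; `\<` and `\>` are written as plain `<` and `>`.

```python
import re

# Guard and rules transcribed from the poster's header_checks (placeholders kept).
# Postfix regexp tables are case-insensitive by default, hence re.I.
IF_GUARD = r"^From:.*<.*@.*COMPANY.*\..*>.*"
RULES = [
    (r"^From:.*WHITELIST_DOMAIN_NAME\.net", "DUNNO"),
    (r"^Received:.*WHITELIST_DOMAIN_NAME\.net", "DUNNO"),
    (r".*WHITELIST_DOMAIN_NAME.*", "WARN"),
    (r"^From:.*@COMPANY.com.*", "DISCARD"),
    (r"^From:.*<.*@.*COMPANY.*\..*>.*", "DISCARD"),
]

# Constructed sample message headers, modelled on the mail header in the post.
SAMPLE = [
    "Received: from shop.WHITELIST_DOMAIN_NAME.net "
    "(shop.WHITELIST_DOMAIN_NAME.net [192.0.2.10])",
    "From: Shop Support <orders@COMPANY.com>",
    "Subject: Order verification",
]


def check_header(line):
    """Return the action for ONE logical header, or None if no rule fires."""
    if not re.search(IF_GUARD, line, re.I):
        return None  # header does not match the guard: if/endif body is skipped
    for pattern, action in RULES:
        if re.search(pattern, line, re.I):
            return action  # first matching pattern decides for this header
    return None


def check_message(headers):
    """Evaluate every header independently; no state is shared between them."""
    results = [(h.split(":", 1)[0], check_header(h)) for h in headers]
    discarded = any(action == "DISCARD" for _, action in results)
    return results, discarded


if __name__ == "__main__":
    per_header, discarded = check_message(SAMPLE)
    for name, action in per_header:
        print(f"{name:<10} -> {action}")
    print("message discarded:", discarded)
```

The `Received:` header carries the whitelisted host but never reaches the inner rules because the guard only admits `From:` lines, and the `From:` header contains no whitelist string, so it falls through to `DISCARD`, matching the `FAKE ADDRESS` log entries above.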