MilterFrom

This milter compares the envelope sender with the sender specified in the mail header for authenticated users.

It aims to solve the problem that OpenDKIM signs ALL mails whose domains are listed in its databases. In a multi-user setup, user A "[email protected]" can send mail with the header field "From: [email protected]", and OpenDKIM signs it even though user A should not be allowed to send authenticated mail from "[email protected]".

The postconf option "reject_authenticated_sender_login_mismatch" doesn't solve the problem at all, because it only ensures that the envelope sender is correct. This milter additionally ensures that the sender specified in the header matches the envelope sender.
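The comparison described above, sketched as an added example (this is not milterfrom's own code). The function names and sample addresses are hypothetical. It assumes a single-mailbox From header, an envelope sender passed in angle brackets, and a case-insensitive match; address lists and RFC 5322 comments are not handled.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Copy the addr-spec of a single-mailbox value into out.
 * Handles "Name <addr>" and bare "addr"; returns 0 on success, -1 if
 * the value is empty, malformed, or does not fit. Uses the LAST '<' so
 * a '<' inside a quoted display name is not mistaken for the address. */
static int extract_addr(const char *value, char *out, size_t outlen)
{
    const char *start = strrchr(value, '<');
    const char *end;

    if (start != NULL) {
        start++;
        end = strchr(start, '>');
        if (end == NULL)
            return -1;              /* unbalanced angle bracket */
    } else {
        start = value + strspn(value, " \t");
        end = start + strcspn(start, " \t\r\n");
    }
    if (end == start || (size_t)(end - start) >= outlen)
        return -1;
    memcpy(out, start, (size_t)(end - start));
    out[end - start] = '\0';
    return 0;
}

/* Return 1 only if envelope sender and header From name the same mailbox.
 * Any parse failure counts as a mismatch (fail closed). */
static int sender_matches(const char *envfrom, const char *hdrfrom)
{
    char env[256], hdr[256];

    if (extract_addr(envfrom, env, sizeof env) != 0 ||
        extract_addr(hdrfrom, hdr, sizeof hdr) != 0)
        return 0;
    return strcasecmp(env, hdr) == 0;   /* assumption: case-insensitive */
}

int main(void)
{
    /* Constructed sample addresses, not taken from the page. */
    printf("%d\n", sender_matches("<alice@example.org>", "Alice <alice@example.org>"));
    printf("%d\n", sender_matches("<alice@example.org>", "bob@example.org"));
    return 0;
}
```

A milter applying such a check should also treat a message with more than one From header as a mismatch, since the check only means something if it covers the header the recipient will see.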

Beta

This code is beta. It would be great if someone who has more experience with libmilter would look at my code and send me some feedback. The code is really short (one file with 270 lines) and based on the libmilter example.

Dependencies (as Debian package names)

  • git cmake make gcc
  • libmilter1.0.1 libmilter-dev

Build

mkdir build
cd $_
cmake ..
make

Install (on a systemd environment)

Add a user:

groupadd milterfrom
useradd -g milterfrom -s /bin/false -d /var/spool/postfix/milterfrom milterfrom
adduser postfix milterfrom
mkdir /var/spool/postfix/milterfrom
chown milterfrom:milterfrom /var/spool/postfix/milterfrom

Move the binary and the service file:

cp milterfrom /usr/local/bin
cp ../milterfrom.service /etc/systemd/system/

Configure postfix to use the milter:

postconf -e "smtpd_milters = unix:/milterfrom/milterfrom$([[ $(postconf -h smtpd_milters) != "" ]] && echo -n ", " && postconf -h smtpd_milters)"
postconf -e "non_smtpd_milters = unix:/milterfrom/milterfrom$([[ $(postconf -h non_smtpd_milters) != "" ]] && echo -n ", " && postconf -h non_smtpd_milters)"

Start everything:

systemctl enable milterfrom
service milterfrom start
service postfix restart

Example

openssl s_client -connect mail.coolkids.invalid -starttls smtp
CONNECTED(00000003)
[TLS stuff]
---
250 DSN
auth login
[...]
235 2.7.0 Authentication successful
mail from: [email protected]
250 2.1.0 Ok
rcpt to: [email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
From: [email protected]
To: [email protected]
Subject: Diese Mail ist super vertrauemswuerdig!11

Hey Justin,

i bims Jacqueline. Ich liebe dich lol!

Deine Jacqueline
.
550 5.7.1 Rejected due to unmatching envelope and header sender.
quit
221 2.0.0 Bye
closed

Run

To start the daemon directly, run the following (remove the -d to run in the foreground):

./milterfrom -u milterfrom -g milterfrom -m 002 -d -p /var/run/milterfrom.pid -s /var/spool/postfix/milterfrom/milterfrom

License

Licensed under the 3-Clause BSD License.
