How to reject SMTP send if From header doesn't match SMTP user?

Operating System & Version
CloudLinux 7.9
cPanel & WHM Version
11.90.0.16
keat63

keat63

Well-Known Member
Nov 20, 2014
1,961
267
113
cPanel Access Level
Root Administrator
I'l be honest, I'm not entirely sure that this is possible.
I'm pretty sure it's been discussed on here many times, although I could be wrong.

You could look in exim config at:


EXPERIMENTAL: Rewrite From: header to match actual sender [?]
If you enabled this option, the From: header will be rewritten to be the email address of the actual message sender. If you choose the "remote" option, only messages that are being sent to remote destinations will be affected.
 
Last edited:
cPRex

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
14,359
2,249
363
cPanel Access Level
Root Administrator
I think this is similar to the many "how to stop spoofing" threads that get created. You can't really prevent then with 100% certainty, but there are things you can do to help reduce the chances of them getting through. A few possible options are here:

support.cpanel.net

Preventing spoofed emails

Symptoms If you've had an email delivered that was sent from your address, and you know you didn't send the message, that's an example of a spoofed email. These are often used in phishing scams or...
support.cpanel.net support.cpanel.net

but a search of the forums for "spoof" will give you many threads with different workarounds and recommendations that users have implemented over the years.
 
manoaratefy

manoaratefy

Well-Known Member
Nov 17, 2018
58
5
8
Madagascar
cPanel Access Level
Root Administrator
Twitter
Hello,

After a lot of searching, I decided to filter these email using Exim filter. So, I added /usr/local/cpanel/etc/exim/sysfilter/options/fail_from_dont_match_sender with the following content:
Code: 
if $header_from: does not matches "" and
   $header_from: does not contains $sender_address
then
  fail text "From header doesn't match authenticated sender"
  seen finish
endif
I applied changes by enabling this filter on WHM > Service Configuration > Exim Configuration Manager but it doesn't work. I did something wrong?
 
Last edited:
W

WasChristine

Technical Analyst
Aug 10, 2018
57
11
83
Houston, TX
cPanel Access Level
Root Administrator
Hello.

Does adjusting this line make any changes to the way that your filter works?:

if $header_from: does not matches "" and

Specifically changing "matches" to "match". We must note that our assistance on this matter is quite limited, though you may be able to get this to work through testing various changes in the custom filter.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
B SMTP error from remote mail server after end of data: 554 mail server permanently rejected message (#5.3.0) Email 7
manoaratefy Reject at SMTP time when Email Send Limits reached Email 1
S All emails from eBay rejected by SMTP (other senders working just fine) Email 7
D Exim doesn't reject at SMTP time invalid local recipients when sender is also local Email 6
1 Reject mail at SMTP time if the sender host is in the zen.spamhaus.org rbl Email 18
Similar threads
SMTP error from remote mail server after end of data: 554 mail server permanently rejected message (#5.3.0)
Reject at SMTP time when Email Send Limits reached
All emails from eBay rejected by SMTP (other senders working just fine)
Exim doesn't reject at SMTP time invalid local recipients when sender is also local
Reject mail at SMTP time if the sender host is in the zen.spamhaus.org rbl
Top Bottom