Sender from address verification

dawie_strauss

Registered
Oct 19, 2021
4
0
1
South Africa
cPanel Access Level
Reseller Owner
I've just noticed something thatalarms me.
If I have the email username and password for say user [email protected], I can use sendmail for example to send from user [email protected], as long as user B exist.
Is there any way to prevent this? Otherwise one compromised user account means is is possible to spoof mail from the whole domain.
 
Last edited by a moderator:

mtindor

Well-Known Member
Sep 14, 2004
1,454
110
193
inside a catfish
cPanel Access Level
Root Administrator
Regardless of whether a users' email account is compromised, one can still easily spoof email from a domain. That's what SPF / DKIM / DMARC are for. But, if a user's email account is compromised, it's even more easy to spoof mail for any users in that domain -- since the emails will pass all SPF / DKIM / DMARC checks. It's just a nature of the beast. The From: address has always been easily forged.
 
  • Like
Reactions: cPRex

dawie_strauss

Registered
Oct 19, 2021
4
0
1
South Africa
cPanel Access Level
Reseller Owner
Regardless of whether a users' email account is compromised, one can still easily spoof email from a domain. That's what SPF / DKIM / DMARC are for. But, if a user's email account is compromised, it's even more easy to spoof mail for any users in that domain -- since the emails will pass all SPF / DKIM / DMARC checks. It's just a nature of the beast. The From: address has always been easily forged.
Thank you. I'm obviously not an email expert. But since I know we use SPF / DKIM / DMARC I was wondering if the from field can be checked against the authentication details, but I can't find any info on this. So looks like thats the way it is.