Outgoing email with LDAP sender match

slicciardola
Level 1

Hi all,

I'm testing ESA for outgoing email sending. I just configured LDAP and it works.

The problem is that if I set the sender address to "myboss@company.com", it will send the email even though I do not have the right to do this, since I am only authorized to send email from "myemail@company.com".

How can I prevent this from happening?

Thanks

2 Replies

Libin Varghese
Cisco Employee

Emails sent outgoing are usually trusted and not validated for sender/recipient address.

Most spoofing protection relies on detecting domain spoofing, but seeing as how you are referring to the user section of the email address, this would need custom filter configuration.

The original sender could have a custom header or sender IP added to the email headers or something unique to identify themselves that ESA can use to validate it using filters.

Regards,

Libin

Lemat
Level 1

ESA is not good at such problems.

SMTP is even worse... 

I would recommend using an additional mail server, i.e. Postfix, with the reject_sender_login_mismatch option carefully planted in smtpd_sender_restrictions (before permit_sasl_authenticated). smtpd_sasl_authenticated_header = yes. A user authenticating as boss@example.com will be able to send emails as boss@example.com (envelope sender address) only.
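
Added example, not part of the reply above and not Postfix source: a simplified Python model of why reject_sender_login_mismatch has to come before permit_sasl_authenticated in smtpd_sender_restrictions, using the addresses from the question. It assumes a populated smtpd_sender_login_maps table (the Postfix lookup this restriction consults); SENDER_LOGIN_MAPS, evaluate, ORDER_FIXED, ORDER_WEAK and demo are hypothetical names, and matching is reduced to a lowercase exact match.

```python
# Simplified model of how Postfix walks smtpd_sender_restrictions for one
# MAIL FROM command. Not Postfix source; all sample data is constructed.

# Stand-in for smtpd_sender_login_maps: envelope sender -> owning SASL logins.
SENDER_LOGIN_MAPS = {
    "myemail@company.com": {"myemail@company.com"},
    "myboss@company.com": {"myboss@company.com"},
}

def reject_sender_login_mismatch(sasl_login, mail_from, maps):
    owners = maps.get(mail_from.lower())
    if sasl_login is None:
        # Not logged in, but the claimed address has an owner.
        return "REJECT" if owners else "DUNNO"
    # Logged in: the login must be listed as an owner of MAIL FROM.
    if owners and sasl_login.lower() in owners:
        return "DUNNO"
    return "REJECT"

def permit_sasl_authenticated(sasl_login, mail_from, maps):
    return "PERMIT" if sasl_login else "DUNNO"

def evaluate(restrictions, sasl_login, mail_from, maps=SENDER_LOGIN_MAPS):
    """First PERMIT or REJECT decides; DUNNO falls through to the next entry."""
    for check in restrictions:
        verdict = check(sasl_login, mail_from, maps)
        if verdict != "DUNNO":
            return verdict
    return "PERMIT"  # nothing in this list objected

# Ordering from the reply (mismatch check first) beside the reversed ordering.
ORDER_FIXED = [reject_sender_login_mismatch, permit_sasl_authenticated]
ORDER_WEAK = [permit_sasl_authenticated, reject_sender_login_mismatch]

def demo():
    me, boss = "myemail@company.com", "myboss@company.com"
    return {
        "fixed order, own address": evaluate(ORDER_FIXED, me, me),
        "fixed order, boss address": evaluate(ORDER_FIXED, me, boss),
        "weak order, boss address": evaluate(ORDER_WEAK, me, boss),
        "fixed order, no login, boss address": evaluate(ORDER_FIXED, None, boss),
        "fixed order, login, unmapped address":
            evaluate(ORDER_FIXED, me, "other@company.com"),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The model covers the envelope sender (MAIL FROM) only, as in the reply; the From: header inside the message is not evaluated here.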