On 04/12/12 10:38, Russell Coker wrote:
On Tue, 4 Dec 2012, Peter Ross <Peter.Ross@bogen.in-berlin.de> wrote:
For non-technical staff it is sometimes hard to understand why it is so difficult to implement requests as "Let John send all e-mails besides of the one that may be malicious." Should be easy, because: "You do it all the time, filtering spam." If "malicious" means "soon to be ex-employee sending email to clients from a work address" then it's easy to stop. If you want to stop them using their gmail account etc then it's an entirely different problem. But hopefully the clients would treat email from gmail differently from email that originates with the company. Most users don't understand the difference between the address in the from header and the one in the smtp envelope, much less look closely at which servers a message has travelled through.
Gmail servers are a special case as they rewrite the from header to match the account you use to authenticate with the SMTP service. Few mail servers do this though so substitute some other mail server for gmail and you're back to it being impossible to prevent a message being sent that looks plausible enough to fool most users. Sending through servers other than your company mail server might give anti-spam systems a better chance to react (SPF, DCIM), but it's out of your hands to do much about that. Going back to the original question though, if it helps to limit the number of recipients, then I suspect you can do that with policyd. Either that or one of the other filters that interacts with postfix in a similar way. Andrew McNaughton