Enable SMTP Login/Sender address validation

Thanks to @stephdl it is now possible to Check authenticated user/identity before sending ¹: current SMTP/AUTH login name must be authorized to use a sender address.

Imagine that we have the user joe and the account domain example.com. The following rules apply:

  • User joe can write as joe@example.com
  • If joe is listed as recipient in the email alias sales@example.com he can also send messages as sales@example.com
  • Similarly, if joe is recipient for email alias joe.brown@aliasdomain.com he can set that address as sender
  • Any other sender address is forbidden for user joe. Hence shared mailbox permissions does not affect sender address authorization

To enforce the rules above, enable the e-smith SenderValdation prop in postfix key ²:

# config setprop postfix SenderValidation enabled
# signal-event nethserver-mail-server-update

To enable authenticated submission on WebTop, execute the commands documented here: http://docs.nethserver.org/en/v7/webtop5.html#smtp-setting

DISCLAIMER :warning: as the rule list could be subject to changes, please consider this #howto as alpha!

See also

  1. Check authenticated user/identity before sending
  2. https://github.com/NethServer/nethserver-mail/blob/master/README.rst#sender-address-validation


  • can aliases been looked for also from distribution lists or groups?
  • is this setting server-related or user-related?

Yes, as said the 2nd point: If joe is listed as recipient in the email alias…

About groups: apart from IMAP ACLs, they are not related with the mail server configuration

The setting is a system-wide configuration switch: once enabled it affects all the users. It could be possible to implement individual user policies with a template-custom.

In my mind, an user-related useful option could be the override of the address validation.
A sysadmin could configure any MFP with only one SMTP account but multiple senders and recipients for SMTP-delivered scans.

I also guess that this could became quite a nightmare as implementation.

What happens to the ‘mail address’ that is used for, for example, system update notifications? Or backup status notifications?
For example, when the backup status notification is sent by a non existent (alias) email address, it is sent now anyway. If I activate this feature, would that stop sending those notification mails?
Second: IF the notification mails are stopped because of this and I still wanted to use that mailaddress for notifications, to what account should the alias be added? (AFAIK the accounts listed are not local accounts, but accountprovider accounts… this is a problem?)