When a stranger uses a local address SPF check gets ignored completely

marcotibben
Posts: 5
Joined: Fri Aug 31, 2012 2:59 pm

When a stranger uses a local address SPF check gets ignored completely

Postby marcotibben » Sun Apr 21, 2019 5:05 pm

Hi,

I'm getting really sick and tired of this problem and really believe its a mailenable shortcoming.

- I do not want to activate the 'authenticated users can spoof sender addresses', because that brought me all kinds of trouble with costumers who have specific software solutions which uses its own smtp servers and people who use Hotmail or gmail with external pop3 accounts, and costumers who use external newsletter solutions.. and then can't mail with people on my server.. so please don't state that as an answer...

- i have SPF records installed, and all works perfectly.. UNTIL.. someone spoofs the e-mailaddress.. suddenly mailenable does no attempt whatsoever to look at the SPF records..? it just completely ignores the SPF check, there is no mention of it in the header, while all other mail does have that mention.. just because some external spammer says he's someone else and puts a false e-mail address in the from field? That's clearly a security risk! Logfiles clearly state its an SMTP-IN activity and in no way a registered user of the system, just a external spammer sending mail to my server. So why just ignore all SPF checks?!? You should really fix this, because fishing maill is coming in in bucketloads. I would love to have ALL incoming e-mails SPF checked.

marcotibben
Posts: 5
Joined: Fri Aug 31, 2012 2:59 pm

Re: When a stranger uses a local address SPF check gets ignored completely

Postby marcotibben » Wed May 15, 2019 12:43 pm

well it's great to have this many responses to this serious problem.. thanks!
in addition to solving this very annoying problem (lets call it a bug) I went through the debug log.. which states:

05/15/19 13:44:58 ME-I0101: [1832] Whitelisted: Message from ([SMTP:example@domain.com]) has been whitelisted because the recipient (xxxx/xxxx) has whitelisted the sender.

this while I have NO whitelists enabled in the system at all! whitelists are potential leaks, so I would never use one.. meanwhile hackers use some kind of bug apparently to get mail into the system UNCHECKED..

well.. thats nice! please fix this..! quick..

MailEnable-Ian
Site Admin
Posts: 8866
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: When a stranger uses a local address SPF check gets ignored completely

Postby MailEnable-Ian » Thu May 16, 2019 12:29 am

Hi,

The log snippet indicates that the destination mailbox has white listed the sender address.

05/15/19 13:44:58 ME-I0101: [1832] Whitelisted: Message from ([SMTP:example@domain.com]) has been white listed because the recipient (xxxx/xxxx) has whitelisted the sender.

You need to log into the web mail client for recipient xxxx/xxxx and navigate to the "Options" page. Expand the "Spam" node and click on "Whitelist" option. Check the list to see if the recipient has white listed the email address or domain.
Regards,

Ian Margarone
MailEnable Support

Who is online

Users browsing this forum: No registered users and 32 guests