mirror of
https://blitiri.com.ar/repos/chasquid
synced 2025-12-20 15:07:03 +00:00
e2fdcb3705
This patch adds checks that verify: - The envelope from must match the authenticated user. This prevents impersonation at the envelope level (while still allowing bounces, of course). - If the destination is remote, then the user must have completed authentication. This prevents unauthorized relaying. The patch ends up adjusting quite a few tests, as they were not written considering these restrictions so they have to be changed accordingly.
25 lines
371 B
Plaintext
25 lines
371 B
Plaintext
account default
|
|
|
|
host testserver
|
|
port 1587
|
|
|
|
tls on
|
|
tls_trust_file config/domains/testserver/cert.pem
|
|
|
|
from user@testserver
|
|
|
|
auth on
|
|
user user@testserver
|
|
password secretpassword
|
|
|
|
account smtpport : default
|
|
port 1025
|
|
|
|
account baduser : default
|
|
user unknownuser@testserver
|
|
password secretpassword
|
|
|
|
account badpasswd : default
|
|
user user@testserver
|
|
password badsecretpassword
|