How to reject/detect emails claiming to be from my own domain?

Philip Parsons pparsons at
Thu Dec 29 20:32:40 UTC 2016

I thought about the access file but did not know it looked at envelope sender.  This might work for me, like you no inbound SMTP should be from someone at I will run some tests.

-----Original Message-----
From: MailScanner [ at] On Behalf Of Peter H. Lemieux
Sent: December 29, 2016 12:01 PM
To: MailScanner Discussion <mailscanner at>
Subject: Re: How to reject/detect emails claiming to be from my own domain?

The access database in sendmail uses the envelope sender.  On my systems no legitimate inbound mail comes to my SMTP listener from someone at so I can block in /etc/mail/access with          REJECT

However that may not be possible for you if you must support inbound mail from senders on the Internet.  Depending on who they are and where they are located, you can add them to /etc/mail/access with

From:goodguy at     RELAY

then block the residual as in the first example.  You can also permit certain IP addresses or subnets with

Connect:10.10.10.     RELAY

That matches the subnet.  For more details, read

Sendmail is not as flexible as Postfix in this regard.  The latter can use regular expressions, but sendmail's access database only matches text strings.


On 12/29/2016 12:50 PM, Philip Parsons wrote:
> I am trying to get one that does the envelope-from header so at the MTA side of things.  I am hoping someone has done this with sendmail as changing the MTA is not possible at the moment.

MailScanner mailing list
mailscanner at

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list