Global Settings g_from

  1. Home
  2. Knowledge Base
  3. Settings
  4. Global Settings g_from
  1. Home
  2. Knowledge Base
  3. Spam
  4. Global Settings g_from

Table of Contents

g_from_allow_ip – IP addresses to bypass local from check

This setting has no further documentation currently available

Syntax: g_from_allow_ip string

g_from_allow_to – destination user to bypass local from check

This setting has no further documentation currently available

Syntax: g_from_allow_to string

g_from_bl – Domain Based Blacklist Zones, lookups FROM domain in dns

The ‘from’ domain is checked against the specified RBL which must be a special ‘FROM’ based rbl which lists spammers by from address. Most spammers fake from addresses so this is a fairly marginally useful method.

Syntax: g_from_bl name=string stamp=string

g_from_body_bounce – Reject if local from header address is probably faked

Checks if the sender is authenticated or from an address that can relay, if not then the message is bounced if it claims to be from a local domain. One of the settings to prevent forgery

Syntax: g_from_body_bounce bool

g_from_bounce – Bounce if from is probably faked

Bounce if from address is probably faked.

This check is activated for any mail with a local domain in the from address but not using SMTP authentcation, relay allow IP address or spam allow IP address.

Syntax: g_from_bounce bool

g_from_check – Check from matches valid local domain

Check from domains match valid local domains if user is authenticated, or g_from_allow.Should be used with g_from_bounce “true” which basically forces them to authenticate and then makes this setting work properly.

Syntax: g_from_check bool

g_from_domain – Default domain for from envelope

Fixes the ‘from’ envelope if the email client failed to specify a domain name, this doesn’t fix the from header currently but we may change that in future!

Syntax: g_from_domain string

g_from_exact – Check from matches authenticated user

Check from matches authenticated user. If user is not authenticated the setting is skipped.

Should be used with g_from_bounce “true” which basically forces them to authenticate and then makes this setting work properly.

Syntax: g_from_exact bool

g_from_force – From address for all sent messages

Used when you want to make all messages use the same valid bounce address, reply-to header will contain original from if it doesn’t exist

Syntax: g_from_force string

g_from_header – From header used in delivery bounces

From header used in delivery bounces.

Syntax: g_from_header string

g_from_list_too – Also enforce from rules from lists

Doesn’t allow lists to bypass forge rules

Syntax: g_from_list_too bool

g_from_must_exist – Require local from addresses to exist or reject mail

Can be useful in blocking dumb spam robots

Syntax: g_from_must_exist bool

g_from_noforge – If envelope or from is local domain then the other must be too

This can prevent many common forms of forgery, this will bounce some real email, so probably better to use the noforgeme setting instead. One of the settings to prevent forgery

Syntax: g_from_noforge bool

g_from_noforge_some – If from matches this then from/envelope must match

Prevent forgeries of important local addresses, e.g. *support*

Syntax: g_from_noforge_some string

g_from_noforgeme – If to==from then from and env from must match

This can prevent many common forms of forgery, this is safer than the noforge setting above, and generally almost as effective. One of the settings to prevent forgery

Syntax: g_from_noforgeme bool

g_from_noforgename – If from contains two addresses the domains must match

Prevents forgery where the descriptive name is a fake email address that doesn’t match the real address

Syntax: g_from_noforgename bool

g_from_nofriend – If forge setting would bounce message then allow message but don’t allow friend match

This setting modifies the g_from_noforgeme behaviour so it doesn’t block the message but does prevent a friend match occurring

Syntax: g_from_nofriend bool

g_from_ok – Whitelist for invalid from addresses we will permit

This setting has no further documentation currently available

Syntax: g_from_ok string

g_from_relay – If not authenticated and g_relay_allow_ip matched then block if not local domain or whitelisted

This one helps prevent a local virus sending out spam. It basically says non authenticated users who can relay due to a g_relay_allow_ip rule must send from one of your domains or use smtp authentication or be in a white list. Note this test is performed on the message envelope not the body. We recommend insisting on smtp authentication to reduce your risk of this type of problem.

Syntax: g_from_relay bool

g_from_relay_white – White list of domains for g_from_relay setting

This is domains that can be used as a ‘from’ address for non authenticated users, in addition to local domains

Syntax: g_from_relay_white string

g_from_rewrite – Rewrite from envelope for outgoing email, e.g. *@this.domain -> %1@another.domain

This lets you change the ‘from’ address from an internal domain name to a valid public domain name. The change is performed on the From envelope (return path), not the from header. And the chanage does not affect the return path written in local deliveries, only outgoing email. Mfilter rules can be used to rewrite the actual message headers.

Syntax: g_from_rewrite was=string to=string

g_from_rewrite_header – Rewrite the from header as well

Replaces the From: header in the mesage with the new address.

Syntax: g_from_rewrite_header bool

g_from_rewrite_sender – Rewrite the sender header as well

Replaces the Sender: header in the mesage with the new address.

Syntax: g_from_rewrite_sender bool

g_from_stamp – Stamp if from is probably faked

Stamp message with “X-Verify-Failed:” header if from address is probably faked.

eg: X-Verify-Failed: <user@mydomain.com> From mydomain.com is local but user not authenticated or from g_relay_allow_ip

This check is activated based on the same conditions as g_from_bounce.

Syntax: g_from_stamp bool

g_from_timeout – Timeout on g_badfrom_* checks

Timeout in seconds of g_badfrom_* checks. Default = 60 seconds. If this timeout is reached the g_badfrom check will be classed as having failed.

Syntax: g_from_timeout int

g_from_valid – Require an @ and dotted domain in all return addresses

This forces the sender to either give ‘no’ reply address or a valid one with an @ and a dotted domain

Syntax: g_from_valid bool

Was this article helpful?

Related Articles