g_from_allow_ip - IP addresses to bypass local from check
This setting has no further documentation currently available
Syntax: g_from_allow_ip string
g_from_allow_to - destination user to bypass local from check
This setting has no further documentation currently available
Syntax: g_from_allow_to string
g_from_bl - Domain Based Blacklist Zones, lookups FROM domain in dns
The 'from' domain is checked against the specified RBL which must be a special 'FROM' based rbl which lists spammers by from address. Most spammers fake from addresses so this is a fairly marginally useful method.
Syntax: g_from_bl name=string stamp=string
g_from_body_bounce - Reject if local from header address is probably faked
Checks if the sender is authenticated or from an address that can relay, if not then the message is bounced if it claims to be from a local domain. One of the settings to prevent forgery
Syntax: g_from_body_bounce bool
g_from_bounce - Bounce if from is probably faked
Bounce if from address is probably faked.
This check is activated for any mail with a local domain in the from address but not using SMTP authentcation, relay allow IP address or spam allow IP address.
Syntax: g_from_bounce bool
g_from_check - Check from matches valid local domain
Check from domains match valid local domains if user is authenticated, or g_from_allow.Should be used with g_from_bounce "true" which basically forces them to authenticate and then makes this setting work properly.
Syntax: g_from_check bool
g_from_domain - Default domain for from envelope
Fixes the 'from' envelope if the email client failed to specify a domain name, this doesn't fix the from header currently but we may change that in future!
Syntax: g_from_domain string
g_from_exact - Check from matches authenticated user
Check from matches authenticated user. If user is not authenticated the setting is skipped.
Should be used with g_from_bounce "true" which basically forces them to authenticate and then makes this setting work properly.
Syntax: g_from_exact bool
g_from_force - From address for all sent messages
Used when you want to make all messages use the same valid bounce address, reply-to header will contain original from if it doesn't exist
Syntax: g_from_force string
g_from_header - From header used in delivery bounces
From header used in delivery bounces.
Syntax: g_from_header string
g_from_list_too - Also enforce from rules from lists
Doesn't allow lists to bypass forge rules
Syntax: g_from_list_too bool
g_from_must_exist - Require local from addresses to exist or reject mail
Can be useful in blocking dumb spam robots
Syntax: g_from_must_exist bool
g_from_noforge - If envelope or from is local domain then the other must be too
This can prevent many common forms of forgery, this will bounce some real email, so probably better to use the noforgeme setting instead. One of the settings to prevent forgery
Syntax: g_from_noforge bool
g_from_noforge_some - If from matches this then from/envelope must match
Prevent forgeries of important local addresses, e.g. *support*
Syntax: g_from_noforge_some string
g_from_noforgeme - If to==from then from and env from must match
This can prevent many common forms of forgery, this is safer than the noforge setting above, and generally almost as effective. One of the settings to prevent forgery
Syntax: g_from_noforgeme bool
g_from_noforgename - If from contains two addresses the domains must match
Prevents forgery where the descriptive name is a fake email address that doesn't match the real address
Syntax: g_from_noforgename bool
g_from_nofriend - If forge setting would bounce message then allow message but don't allow friend match
This setting modifies the g_from_noforgeme behaviour so it doesn't block the message but does prevent a friend match occurring
Syntax: g_from_nofriend bool
g_from_ok - Whitelist for invalid from addresses we will permit
This setting has no further documentation currently available
Syntax: g_from_ok string
g_from_relay - If not authenticated and g_relay_allow_ip matched then block if not local domain or whitelisted
This one helps prevent a local virus sending out spam. It basically says non authenticated users who can relay due to a g_relay_allow_ip rule must send from one of your domains or use smtp authentication or be in a white list. Note this test is performed on the message envelope not the body. We recommend insisting on smtp authentication to reduce your risk of this type of problem.
Syntax: g_from_relay bool
g_from_relay_white - White list of domains for g_from_relay setting
This is domains that can be used as a 'from' address for non authenticated users, in addition to local domains
Syntax: g_from_relay_white string
g_from_rewrite - Rewrite from envelope for outgoing email, e.g. *@this.domain -> %1@another.domain
This lets you change the 'from' address from an internal domain name to a valid public domain name. The change is performed on the From envelope (return path), not the from header. And the chanage does not affect the return path written in local deliveries, only outgoing email. Mfilter rules can be used to rewrite the actual message headers.
Syntax: g_from_rewrite was=string to=string
g_from_rewrite_header - Rewrite the from header as well
Replaces the From: header in the mesage with the new address.
Syntax: g_from_rewrite_header bool
g_from_rewrite_sender - Rewrite the sender header as well
Replaces the Sender: header in the mesage with the new address.
Syntax: g_from_rewrite_sender bool
g_from_stamp - Stamp if from is probably faked
Stamp message with "X-Verify-Failed:" header if from address is probably faked.
eg: X-Verify-Failed: <user@mydomain.com> From mydomain.com is local but user not authenticated or from g_relay_allow_ip
This check is activated based on the same conditions as g_from_bounce.
Syntax: g_from_stamp bool
g_from_timeout - Timeout on g_badfrom_* checks
Timeout in seconds of g_badfrom_* checks. Default = 60 seconds. If this timeout is reached the g_badfrom check will be classed as having failed.
Syntax: g_from_timeout int
g_from_valid - Require an @ and dotted domain in all return addresses
This forces the sender to either give 'no' reply address or a valid one with an @ and a dotted domain
Syntax: g_from_valid bool