No Description

dependabot[bot] da7bcc7a3a Bump alpine from 3.17.3 to 3.18.0 (#41) 1 year ago
.github e9f70c3b8f Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#39) 1 year ago
cmake d5af93675e changed directory structure; changed CMakeLists 6 years ago
src 3a2403ec1b envelope from length: size type 6 years ago
systemd 6e7d9bc0b9 use configure_file to set binary path 6 years ago
.gitignore 31c513a809 Add .gitignore 6 years ago
CMakeLists.txt 6e7d9bc0b9 use configure_file to set binary path 6 years ago
Dockerfile da7bcc7a3a Bump alpine from 3.17.3 to 3.18.0 (#41) 1 year ago eecf4b8953 readme: added docker instructions 4 years ago


This milter compares the envelope sender with the sender specified in the mail header for authenticated users.

It aims to resolve the problem that OpenDKIM signs ALL mails with domains listed in its databases. If you have a multi user setup, user A "a@example.invalid" can send mails with the from field "From: b@example.invalid" and OpenDKIM signs it although user A should not be allowed to send authenticated mails from "b@example.invalid".

The postconf option "reject_authenticated_sender_login_mismatch" doesn't solve the problem at all, because it only enforces the envelope sender to be correct. This milter further ensures that the sender specified in the header matches the envelope sender.

Dependencies (as Debian package names)

  • git cmake make gcc
  • libmilter1.0.1 libmilter-dev

Build and install

mkdir build
cd $_
make install # this installs the executable and the Systemd unit
systemctl daemon-reload

If you wish to install to a custom directory:


Configure (on a Systemd and Postfix environment)

Add a user:

groupadd milterfrom
useradd -g milterfrom -s /bin/false -d /var/spool/postfix/milterfrom milterfrom
adduser postfix milterfrom
mkdir /var/spool/postfix/milterfrom
chown milterfrom:milterfrom /var/spool/postfix/milterfrom

Configure postfix to use the milter:

postconf -e "smtpd_milters = unix:/milterfrom/milterfrom$([[ $(postconf -h smtpd_milters) != "" ]] && echo -n ", " && postconf -h smtpd_milters)"
postconf -e "non_smtpd_milters = unix:/milterfrom/milterfrom$([[ $(postconf -h non_smtpd_milters) != "" ]] && echo -n ", " && postconf -h non_smtpd_milters)"

Start everything:

systemctl enable milterfrom
service milterfrom start
service postfix restart


openssl s_client -connect mail.coolkids.invalid -starttls smtp
[TLS stuff]
250 DSN
auth login
235 2.7.0 Authentication successful
mail from: chantal@coolkids.invalid
250 2.1.0 Ok
rcpt to: justin@external.invalid
250 2.1.5 Ok
354 End data with <CR><LF>.<CR><LF>
From: jacqueline@coolkids.invalid
To: justin@coolkids.invalid
Subject: Diese Mail ist super vertrauemswuerdig!11

Hey Justin,

i bims Jacqueline. Ich liebe dich lol!

Deine Jacqueline
550 5.7.1 Rejected due to unmatching envelope and header sender.
221 2.0.0 Bye


To start the daemon directly, run the following (Remove the -d to run in foreground):

milterfrom -u milterfrom -g milterfrom -m 002 -d -p /var/run/ -s /var/spool/postfix/milterfrom/milterfrom

Run via Docker

docker build -t milterfrom .
docker run --restart=unless-stopped --daemon --name milterfrom milterfrom:latest
postconf -e "smtpd_milters = tcp:milterfrom:8890$([[ $(postconf -h smtpd_milters) != "" ]] && echo -n ", " && postconf -h smtpd_milters)"
postconf -e "non_smtpd_milters = tcp:milterfrom:8890$([[ $(postconf -h non_smtpd_milters) != "" ]] && echo -n ", " && postconf -h non_smtpd_milters)"


Licensed under the 3-Clause BSD License.