Author Topic: Having a hard time understanding "Identities" in roundcube!  (Read 4286 times)

Offline nooblette

  • Newbie
  • Posts: 3
Having a hard time understanding "Identities" in roundcube!
« on: August 09, 2015, 10:38:35 AM »
Hey,

I just installed roundcube on my webserver and it's working like a charm, but when I stumbled across the "identities"-feature I felt like my heart stopped beating for a moment.

Let's say I got two mailboxes setup for two different users of my mail server: user_a@mymailserver.tld and user_b@mymailserver.tld. How come user_a@mymailserver.tld is now able to send mails as user_b@mymailserver.tld without specifying any password whatsoever?!

I didn't even know my setup (postfix+dovecot) would allow this!

And there's not even any information about the real sender in the header of the mail.

Please, PLEASE help me as I struggle to grasp what's going on!

Thanks in advance!

Offline SKaero

  • Administrator
  • Hero Member
  • Posts: 5,901
    • SKaero - Custom Roundcube development
Re: Having a hard time understanding "Identities" in roundcube!
« Reply #1 on: August 09, 2015, 01:10:41 PM »
It's very easy to change the From header because email is a trust-based setup; it's rare for more authentication to be done on a standard mail server setup. If you want, you can disable identities in the Roundcube config with the following option:
// Set identities access level:
// 0 - many identities with possibility to edit all params
// 1 - many identities with possibility to edit all params but not email address
// 2 - one identity with possibility to edit all params
// 3 - one identity with possibility to edit all params but not email address
// 4 - one identity with possibility to edit only signature
$config['identities_level'] = 0;

Keep in mind that doesn't change how your mail server handles mail with a different From address so any other connected client could still do the same thing.

Offline nooblette

  • Newbie
  • Posts: 3
Re: Having a hard time understanding "Identities" in roundcube!
« Reply #2 on: August 09, 2015, 01:43:21 PM »
Keep in mind that doesn't change how your mail server handles mail with a different From address so any other connected client could still do the same thing.
Thanks for your answer! But say, you don't happen to know what setting I need to change in my Postfix config to restrict this behavior on the server side?

Offline SKaero

  • Administrator
  • Hero Member
  • Posts: 5,901
    • SKaero - Custom Roundcube development
Re: Having a hard time understanding "Identities" in roundcube!
« Reply #3 on: August 09, 2015, 01:54:50 PM »
I don't, I only add a header to let me know what account the email comes from. I don't modify the From header.

Offline nooblette

  • Newbie
  • Posts: 3
Re: Having a hard time understanding "Identities" in roundcube!
« Reply #4 on: August 09, 2015, 02:43:46 PM »
I don't, I only add a header to let me know what account the email comes from. I don't modify the from header.
Thanks for replying, again!

Yes, as long as you force your users to use your roundcube webclient (the one that adds the header) this is actually the best solution I can think of, if you want your users to have the option of using multiple identities. But as soon as you stop restricting access to your smtpd to that webclient, you're pretty much asking for trouble IMHO. This is why I added reject_sender_login_mismatch to the smtpd_sender_restrictions now (at least I hope that's the setting I was looking for). I'm glad I installed roundcube so I found out about that security flaw of my postfix setup.
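The server-side restriction the previous post reaches for, written out as an added example (not configuration from the thread or from the Roundcube project). reject_sender_login_mismatch does nothing on its own: it only rejects when smtpd_sender_login_maps is set and tells Postfix which SASL login owns which envelope sender. Paths, the map contents and the assumption that Dovecot SASL reports the full address as the login name are all illustrative.

```ini
# /etc/postfix/main.cf  (paths and addresses are assumed for this example)

# WEAK (Postfix default): smtpd_sender_restrictions is empty, so any client
# that passes SASL AUTH may put any address in MAIL FROM. A Roundcube
# identity for user_b@mymailserver.tld is simply a client doing that.
#smtpd_sender_restrictions =

# FIXED: bind the envelope sender to the login that owns it.
# The mismatch check must come BEFORE permit_sasl_authenticated; a permit
# earlier in the same list short-circuits everything after it.
smtpd_sender_login_maps = hash:/etc/postfix/sender_login_maps
smtpd_sender_restrictions =
    reject_sender_login_mismatch,
    permit_mynetworks,
    permit_sasl_authenticated

# /etc/postfix/sender_login_maps   (build with: postmap /etc/postfix/sender_login_maps)
# <MAIL FROM address>     <SASL login name(s) allowed to use it>
# Login names are assumed to be full addresses, as Dovecot SASL reports
# them when auth_username_format keeps the domain; adjust to your setup.
user_a@mymailserver.tld   user_a@mymailserver.tld
user_b@mymailserver.tld   user_b@mymailserver.tld
# A shared address both accounts may legitimately send as:
info@mymailserver.tld     user_a@mymailserver.tld, user_b@mymailserver.tld
```

With this in place an authenticated user_a issuing MAIL FROM:<user_b@mymailserver.tld> is rejected with "553 5.7.1 Sender address rejected: not owned by user user_a@mymailserver.tld", and an unauthenticated client is rejected for any address listed in the map. Two checks a practitioner should make: if the submission service in master.cf overrides smtpd_sender_restrictions with a "-o" line, the mismatch rule has to be added there as well, since the master.cf override replaces the main.cf value; and the rule only inspects the envelope sender, so a client that keeps its own MAIL FROM but forges the From: message header is not caught by it (that needs header_checks or a milter that compares the header against the authenticated user).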

Offline MMcK

  • Newbie
  • Posts: 9
Re: Having a hard time understanding "Identities" in roundcube!
« Reply #5 on: September 07, 2015, 12:19:09 PM »
Not sure if this will help the original poster, but I have two roles at work, and wanted an 'identity' for each. My actual e-mail remains the same: e.g., myname@mycompany.org. However, I created a signature for one saying "Sincerely," [followed by] my name [in a cursive and blue font] and Recorder, the title of that particular role, and repeated for the second identity for Webmaster. Now when I send a message, I choose between the 2 identities by looking at the signature for each.