mod-slm: Valvula sender login mismatch module

mod-slm allows to implement sender login mismatch restrictions which allows limiting mail-from's spoofing.

Postfix currently has support for this but you need to declare some full mapping between sender and auth account which in many cases is not possible, hard to implement and more over, it may require exceptions that are also possible, but again, difficult to maintain.

At the same time, the module provides different operation modes that can better adapt to different scenarios, providing full mode, same-domain mode, valid-mail-from and disabled.

Current modes are:

How to configure mod-slm

These values are configured inside <enviroment> node like follows, inside /etc/valvula/valvula.conf file:

<sender-login-mismatch mode='full' />

mod-slm Handling restrictions

mod-slm also provides a way to not apply restrictions to certain combinations. For that, you must insert that exception inside the SQL database. Get into database declared for valvula (take a look at /etc/valvula/valvula.conf) and run the following query:

INSERT INTO slm_exception (is_active, description, mail_from, sasl_username)
VALUES ('1', 'Some descripcion', '', 'sasl_user_to_accept');