Koozali.org: home of the SME Server

external email warning notification

Offline gotagug

  • 6
  • +0/-0
external email warning notification
« on: February 03, 2022, 02:36:10 AM »
Hi there! Is there a function where we can put an external email warning notification? for example, the recipient will be prompt if the attachment came from an external source/domain.

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: external email warning notification
« Reply #1 on: February 03, 2022, 10:31:49 AM »
Hi there! Is there a function where we can put an external email warning notification? for example, the recipient will be prompt if the attachment came from an external source/domain.

Hi,

Depends if you are using webmail or a mail client.

In webmail I guess you may be able to script something or see if Horde has sort of plugin.

If you are using a mail client the client itself may have some warnings for remote attachments. I believe Thunderbird does, and I think most modern mail clients have something similar.

https://support.mozilla.org/en-US/kb/remote-content-in-messages

Even then, with the best will in the world, you are relying on your users not clicking stuff. They are often blind to warnings...... Perhaps use an administrative Thunderbird profile that doesn't allow them to modify the Remote Content setting.

To actually modify the body of the email is much harder - you would need a plugin for qpsmtpd and even then I am not sure what happens if you get something actually embedded in an html mail rather than as an 'attachment' or remote file.

Further reading.

qpsmtpd milter filter.

https://www.roaringpenguin.com/files/filtering-with-milter.pdf
https://github.com/smtpd/qpsmtpd/blob/master/plugins/milter
https://metacpan.org/pod/Sendmail::Milter
https://mimedefang.org/
https://github.com/The-McGrail-Foundation/MIMEDefang


So I am not sure there are any easy answers!
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline Jean-Philippe Pialasse

  • *
  • 2,743
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: external email warning notification
« Reply #2 on: February 03, 2022, 01:00:40 PM »
I have seen that in a University, they started tagging all emails not from a @university.com source with a warning inserted on top of the body. 


Worst idea ever.  All emails sent from reputed government agencies and from the attached hospital to the University got this warning. 
They however could have been trusted because all of those sources have correctly configured dmarc, spf, and dkim signed email with strong enforcement.

As a result of the internal body modification dkim verification fails and the email can not be trusted anymore. 

Ironically, this very same university has no  policy or very relaxed one for SPF and DMARC and do not DKIM sign.
Further more they do not allow smtp access for submission from out of the campus (but they do allow IMAP and POP) So you can send a from @university.com email from any smtp server in the world.
Guess what field they check? Yes the From: line.  So you can send a fraudulent email there, and they won’t tag it but will tag the one you could have trusted.