[resolved] Allow Header Spoofing - How is this intented to be used??

dbinoj

The help message says that it is generally used when sending mail from aliases of this mail box.I do not understand this immediately. I have an email called primary@example.com which has alias1@example.com, alias2@example.comDo I add the 3 emails as separate emails in Admin Panel -> Emails with the alias in Email Address field and primary@example.com in Username?Or should I just add a single email with Email Address and Username as primary@example.com and check "Allow Header Spoofing"?If so, where do I specify the aliases to be used?

ntozier

Enabling "Allow Header Spoofing" allows email to be sent via the SMTP setup in that address..If you want to use an email address to be able to send or receive mail.... you would configure it in osTicket.So if you want to send or receive mail using primary@example.com, alias1@example.com, and alias2@example.com then you need to set them up.As an example if I wanted to setup a faux@company.com in osTicket, but I dont want to setup SMTP settings for this address. . Allowing spoofing on another address means that osTicket will attempt to spoof the email hgeaders when sending an email so that it can use a non-existent or aliased email address as the FROM address.

dbinoj

Thanks for the explanation.But will it send the email with spoofed From address using System Default SMTP settings? Or php's mail()?

dbinoj

Is there a setting where we can specify an email to be an alias and can we specify which SMTP settings to use? Because, I have a email realaccount@example.com which has alias1@example.com as alias.I just alias1@example.com in Email Address field and use realaccount+alias1@example.com (or realaccount@example.com also works) as SMTP username and use realaccount's password. I did not enable Allow Header Spoofing. I guess I'm not understanding stuff. :(

ntozier

My installation has 5 emails configured.One of those has SMTP settings, and it my base email that I used to send/receive.All my other configured emails get sent through this connection, because I allow header spoofing on it.

dbinoj

I did not think of it like this because I was subconsciously wondering what would happen if 2 or more emails have set to allow header spoofing so though there must be some other use for it. Anyways, it doesn't matter which setting it uses, the email is gonna be delivered! Your explanation clears things up. Thanks!

ntozier

Very welcome. :) I'll close this thread and mark it as resolved.