Blacklist per-domain

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Blacklist per-domain

polloxx
Dear list,

We want to implement blacklisting sender email addresses on a per-domain basis.
I know it can be done by Amavis but I would like to implement this
directly in Postfix.
Is this possible?

Thx,
P.
Reply | Threaded
Open this post in threaded view
|

Re: Blacklist per-domain

Noel Jones-2
On 1/24/2011 9:12 AM, polloxx wrote:
> Dear list,
>
> We want to implement blacklisting sender email addresses on a per-domain basis.
> I know it can be done by Amavis but I would like to implement this
> directly in Postfix.
> Is this possible?
>
> Thx,
> P.

Yes, using smtpd_restriction_classes.  General usage info can
be found here:
http://www.postfix.org/RESTRICTION_CLASS_README.html


   -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Blacklist per-domain

polloxx
On Mon, Jan 24, 2011 at 5:48 PM, Noel Jones <[hidden email]> wrote:

> On 1/24/2011 9:12 AM, polloxx wrote:
>>
>> Dear list,
>>
>> We want to implement blacklisting sender email addresses on a per-domain
>> basis.
>> I know it can be done by Amavis but I would like to implement this
>> directly in Postfix.
>> Is this possible?
>>
>> Thx,
>> P.
>
> Yes, using smtpd_restriction_classes.  General usage info can be found here:
> http://www.postfix.org/RESTRICTION_CLASS_README.html
>
>
>  -- Noel Jones
>

Thanks  Noel.
As far as I can see this approach works with two lookup tables. Can we
add domains dynamicly, without the need to create a new table when a
new domain is added?

P.
Reply | Threaded
Open this post in threaded view
|

Re: Blacklist per-domain

Victor Duchovni
On Wed, Jan 26, 2011 at 06:14:26PM +0100, polloxx wrote:

> > > We want to implement blacklisting sender email addresses on a per-domain
> > > basis.  I know it can be done by Amavis but I would like to implement
> > > this directly in Postfix.  Is this possible?
> >
> > Yes, using smtpd_restriction_classes. ?General usage info can be found here:
> > http://www.postfix.org/RESTRICTION_CLASS_README.html
>
> As far as I can see this approach works with two lookup tables. Can we
> add domains dynamicly, without the need to create a new table when a
> new domain is added?

If you have a fixed "menu" of restriction settings,
"spam-lover", "spam-hater", "spam-neutral", ...

you can add as many domains as you wish by mapping each domain to one
of the fixed restriction settings. If you want fully custom settings for
each domain, and want to scale this to many domains, Postfix is not the
right tool, you need a milter or pre-queue proxy filter.

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: Blacklist per-domain

polloxx
On Wed, Jan 26, 2011 at 6:20 PM, Victor Duchovni
<[hidden email]> wrote:

> On Wed, Jan 26, 2011 at 06:14:26PM +0100, polloxx wrote:
>
>> > > We want to implement blacklisting sender email addresses on a per-domain
>> > > basis.  I know it can be done by Amavis but I would like to implement
>> > > this directly in Postfix.  Is this possible?
>> >
>> > Yes, using smtpd_restriction_classes. ?General usage info can be found here:
>> > http://www.postfix.org/RESTRICTION_CLASS_README.html
>>
>> As far as I can see this approach works with two lookup tables. Can we
>> add domains dynamicly, without the need to create a new table when a
>> new domain is added?
>
> If you have a fixed "menu" of restriction settings,
> "spam-lover", "spam-hater", "spam-neutral", ...
>
> you can add as many domains as you wish by mapping each domain to one
> of the fixed restriction settings. If you want fully custom settings for
> each domain, and want to scale this to many domains, Postfix is not the
> right tool, you need a milter or pre-queue proxy filter.
>
> --
>        Viktor.
>

I want to be able to block senders on customer (domain) request:

block [hidden email], [hidden email] for domain customer1.tld
block [hidden email] for domain customer2.tlc etc
Reply | Threaded
Open this post in threaded view
|

Re: Blacklist per-domain

Noel Jones-2
On 1/27/2011 7:22 AM, polloxx wrote:

> On Wed, Jan 26, 2011 at 6:20 PM, Victor Duchovni
> <[hidden email]>  wrote:
>> On Wed, Jan 26, 2011 at 06:14:26PM +0100, polloxx wrote:
>>
>>>>> We want to implement blacklisting sender email addresses on a per-domain
>>>>> basis.  I know it can be done by Amavis but I would like to implement
>>>>> this directly in Postfix.  Is this possible?
>>>>
>>>> Yes, using smtpd_restriction_classes. ?General usage info can be found here:
>>>> http://www.postfix.org/RESTRICTION_CLASS_README.html
>>>
>>> As far as I can see this approach works with two lookup tables. Can we
>>> add domains dynamicly, without the need to create a new table when a
>>> new domain is added?
>>
>> If you have a fixed "menu" of restriction settings,
>> "spam-lover", "spam-hater", "spam-neutral", ...
>>
>> you can add as many domains as you wish by mapping each domain to one
>> of the fixed restriction settings. If you want fully custom settings for
>> each domain, and want to scale this to many domains, Postfix is not the
>> right tool, you need a milter or pre-queue proxy filter.
>>
>> --
>>         Viktor.
>>
>
> I want to be able to block senders on customer (domain) request:
>
> block [hidden email], [hidden email] for domain customer1.tld
> block [hidden email] for domain customer2.tlc etc

This can be implemented with smtpd_restriction_classes,
although it will get cumbersome with more than a handful of
domains.

Alternatives are a milter, an smtpd_proxy_filter transparent
proxy, or a policy service (maybe one of these can be used
http://www.postfix.org/addon.html#policy).



   -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Blacklist per-domain

mouss-4
In reply to this post by polloxx
Le 27/01/2011 14:22, polloxx a écrit :

> On Wed, Jan 26, 2011 at 6:20 PM, Victor Duchovni
> <[hidden email]> wrote:
>> On Wed, Jan 26, 2011 at 06:14:26PM +0100, polloxx wrote:
>>
>>>>> We want to implement blacklisting sender email addresses on a per-domain
>>>>> basis.  I know it can be done by Amavis but I would like to implement
>>>>> this directly in Postfix.  Is this possible?
>>>>
>>>> Yes, using smtpd_restriction_classes. ?General usage info can be found here:
>>>> http://www.postfix.org/RESTRICTION_CLASS_README.html
>>>
>>> As far as I can see this approach works with two lookup tables. Can we
>>> add domains dynamicly, without the need to create a new table when a
>>> new domain is added?
>>
>> If you have a fixed "menu" of restriction settings,
>> "spam-lover", "spam-hater", "spam-neutral", ...
>>
>> you can add as many domains as you wish by mapping each domain to one
>> of the fixed restriction settings. If you want fully custom settings for
>> each domain, and want to scale this to many domains, Postfix is not the
>> right tool, you need a milter or pre-queue proxy filter.
>>
>> --
>>        Viktor.
>>
>
> I want to be able to block senders on customer (domain) request:
>
> block [hidden email], [hidden email] for domain customer1.tld
> block [hidden email] for domain customer2.tlc etc


if it's "customer foo wants to block joe and jim", then no. use a policy
service.

if you can classify your rules as "class1", "class2"... and put each
customer in a class, then you can use postfix retriction classes.