DISCORD from a user to noreply

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

DISCORD from a user to noreply

Linux Addict
Folks, I am trying to configure discord when [hidden email] sends to  noreply@ / no-reply@.

The smtp recipient/header  checks seems to parse line by line so I can discord to noreply, but how do add a condition. I looked if.. endif, but I am unsure how to get this done with from and to lines in one regex.

any help would be appreciated.


Reply | Threaded
Open this post in threaded view
|

Re: DISCORD from a user to noreply

Wietse Venema
Linux Addict:
> Folks, I am trying to configure discord when [hidden email] sends to
> noreply@ / no-reply@.

Did you mean "discard"?

> The smtp recipient/header  checks seems to parse line by line so I can
> discord to noreply, but how do add a condition. I looked if.. endif, but I
> am unsure how to get this done with from and to lines in one regex.

Headers are not a good way to determine where email is being sent
to. The recipient is part of the envelope. It is sent with the RCPT
TO command.

/etc/postfix/main.cf:
    smtpd_recipient_restrictions =
        ...
        reject_unauth_destination
        check_recipient_access inline:{{[hidden email] = discard}}
        ...

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: DISCORD from a user to noreply

Linux Addict
Sorry.. yeah discard.

though there are headers checks already on this system, I can do recipient check for this one. But is it possible to discard noreply email for just only one sender? I am clear on how to discard when everything sent to noreply@.*.

 check_recipient_access [hidden email] = discard}}


On Thu, Feb 13, 2020 at 2:57 PM Wietse Venema <[hidden email]> wrote:
Linux Addict:
> Folks, I am trying to configure discord when [hidden email] sends to
> noreply@ / no-reply@.

Did you mean "discard"?

> The smtp recipient/header  checks seems to parse line by line so I can
> discord to noreply, but how do add a condition. I looked if.. endif, but I
> am unsure how to get this done with from and to lines in one regex.

Headers are not a good way to determine where email is being sent
to. The recipient is part of the envelope. It is sent with the RCPT
TO command.

/etc/postfix/main.cf:
    smtpd_recipient_restrictions =
        ...
        reject_unauth_destination
        check_recipient_access [hidden email] = discard}}
        ...

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: DISCORD from a user to noreply

Viktor Dukhovni
In reply to this post by Wietse Venema
On Thu, Feb 13, 2020 at 02:56:32PM -0500, Wietse Venema wrote:

> Linux Addict:
>
> > The smtp recipient/header  checks seems to parse line by line so I can
> > discord to noreply, but how do add a condition. I looked if.. endif, but I
> > am unsure how to get this done with from and to lines in one regex.
>
> Headers are not a good way to determine where email is being sent
> to. The recipient is part of the envelope. It is sent with the RCPT
> TO command.
>
> /etc/postfix/main.cf:
>     smtpd_recipient_restrictions =
> ...
> reject_unauth_destination
> check_recipient_access inline:{{[hidden email] = discard}}
> ...

Note that "discard" is a "message-level" action, so the mail would
also not be delivered to any other Cc'd/Bcc'd recipients.

To discard email addressed to just one recipient:

    virtual:
        [hidden email]   luser=[hidden email]

    transport:
        discard.invalid     discard:silently

There isn't yet an access(5) primitive that discards just the *current*
recipient, that can be selected on a combination of criteria via nested
restriction classes.  So I'd use the access(5) "DISCARD" action with
great caution, basically for malware or an unusual flood of mail, ...
In most other cases, deliver or reject.

But delivery to the discard(8) transport of a *particular* recipient that
is advertised to not receive mail is fine.  That's what the avoid
rewrite and transport rules do.

--
    Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: DISCORD from a user to noreply

Viktor Dukhovni
In reply to this post by Linux Addict
On Thu, Feb 13, 2020 at 03:06:37PM -0500, Linux Addict wrote:

> Sorry.. yeah discard.
>
> But is it possible to discard noreply email for just
> only one sender? I am clear on how to discard when everything sent to
> noreply@.*.

Nothing built into Postfix will discard just the one recipient
in a multi-recipient mail based on the sender.

In a single-recipient message (unsafe assumption), discarding
the whole message is possible via restriction classes.

Now it turns out that "recipient_restrictions" configured via:

    smtpd_data_restrictions = ...

only run on single-recipient messages, if the message had two or more
recipients, the restriction is skipped.  Thus it would be safe to
use a sender-based rule that resolves to a restriction class that
processes the recipient, and run that sender rule in the data
restrictions, and be sure to discard just single-recipient mail.

--
    Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: DISCORD from a user to noreply

Linux Addict
I have no reason to use DISCARD. I also dont want sender to receive anything back. Is reject silently is an option?

/^From:.?(no|No)(reply|-reply)@.*/ REJECT:silently

On Thu, Feb 13, 2020 at 3:12 PM Viktor Dukhovni <[hidden email]> wrote:
On Thu, Feb 13, 2020 at 03:06:37PM -0500, Linux Addict wrote:

> Sorry.. yeah discard.
>
> But is it possible to discard noreply email for just
> only one sender? I am clear on how to discard when everything sent to
> noreply@.*.

Nothing built into Postfix will discard just the one recipient
in a multi-recipient mail based on the sender.

In a single-recipient message (unsafe assumption), discarding
the whole message is possible via restriction classes.

Now it turns out that "recipient_restrictions" configured via:

    smtpd_data_restrictions = ...

only run on single-recipient messages, if the message had two or more
recipients, the restriction is skipped.  Thus it would be safe to
use a sender-based rule that resolves to a restriction class that
processes the recipient, and run that sender rule in the data
restrictions, and be sure to discard just single-recipient mail.

--
    Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: DISCORD from a user to noreply

Viktor Dukhovni
On Thu, Feb 13, 2020 at 03:33:42PM -0500, Linux Addict wrote:

> I have no reason to use DISCARD. I also dont want sender to receive
> anything back. Is reject silently is an option?
>
> /^From:.?(no|No)(reply|-reply)@.*/ REJECT:silently

First of all, as you've already been told, header checks are entirely
the wrong tool for this.  You need to use either access(5) restrictions
or else rewriting to an address which is dropped on delivery.

You're also randomly making up syntax.  The "discard:silently" example
was transport table example and only makes sense in that context.

Lastly, and sadly, you may need better command of English to get help on
this list.  There's no such thing as a silent "REJECT", that's a
contradiction.  Mail is either accepted or rejected (the sender is
told which), delivered or discarded (after the message is accepted).

--
    Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: DISCORD from a user to noreply

Linux Addict
Well.. I should have checked but assumed the action statements are similar whether its  transport or access.. obviously that does not seem to be the case. 

Mail is either accepted or rejected (the sender is  told which) - this is my I wished or made up silent with reject. I don't want sender to know about the rejects.  

I guess I am going to go with below which will silently drop the email and wont notify the sender.

check_recipient_access [hidden email] = discard}}

On Thu, Feb 13, 2020 at 3:43 PM Viktor Dukhovni <[hidden email]> wrote:
On Thu, Feb 13, 2020 at 03:33:42PM -0500, Linux Addict wrote:

> I have no reason to use DISCARD. I also dont want sender to receive
> anything back. Is reject silently is an option?
>
> /^From:.?(no|No)(reply|-reply)@.*/ REJECT:silently

First of all, as you've already been told, header checks are entirely
the wrong tool for this.  You need to use either access(5) restrictions
or else rewriting to an address which is dropped on delivery.

You're also randomly making up syntax.  The "discard:silently" example
was transport table example and only makes sense in that context.

Lastly, and sadly, you may need better command of English to get help on
this list.  There's no such thing as a silent "REJECT", that's a
contradiction.  Mail is either accepted or rejected (the sender is
told which), delivered or discarded (after the message is accepted).

--
    Viktor.