How to get that working? Use a plociy-daemon?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

How to get that working? Use a plociy-daemon?

Max Zimmermann
Hey there,

I hope I'm right asking you this, and hope I can explain my problem correctly.

I'm not receiving to many spam mails on my server. With all postfix-internal sender- and helo restrictions and some RBLs enabled, spam for me has come down to only a few mails that get through each day.
So far so good.

The problem I have now is that one account that recently also sends and receives emails via my server, from time to time receives mail from people that run either RFC-incompliant (or incorrectly configured) MTA's or servers. Their mails are being rejected correctly, of course.
But for one domain I would appreciate not having those false-positives, and not losing these emails.

So what I had in mind now is, that those emails don't get rejected, but delivered to a special spam-folder in the users maildir.

Since I really don't get that much spam, I've always avoided installing a 'big solution' like spamassassin and such.
Is there perhaps another way to manage that, you can recommend?
It is correct that postfix itself cannot handle this, right?

I thought about perhaps a policy-daemon, that adds a tag to the email header if it fails a test such as hostname checks etc. I could then use e.g. maildrop to deliver those mails to a special spam-folder. Is that an idea you would recommend?

And, if so, what policy-daemon would you recommend? I've looked into quite a lot, and couldn't really decide which one to use, so any oppinion is helpful :)
What would also be great (but no must, of course) is if the policy-daemon, solution, ... , could also handle whitelisting and perhaps different actions for different domains, because for my private domains I find it okay for RFC ignorant hosts to be rejected immediately.

Thanks a lot for all suggestions in advance.

--
Cheers,

Max


Linux-User #477672


signature.asc (916 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: How to get that working? Use a plociy-daemon?

Wietse Venema
Max Zimmermann:

> Hey there,
>
> I hope I'm right asking you this, and hope I can explain my problem
> correctly.
>
> I'm not receiving to many spam mails on my server. With all
> postfix-internal sender- and helo restrictions and some RBLs enabled,
> spam for me has come down to only a few mails that get through each day.
> So far so good.
>
> The problem I have now is that one account that recently also sends and
> receives emails via my server, from time to time receives mail from
> people that run either RFC-incompliant (or incorrectly configured) MTA's
> or servers. Their mails are being rejected correctly, of course.
> But for one domain I would appreciate not having those false-positives,
> and not losing these emails.

To avoid RFC compliance checks for domain example.com, put them after
a recipient access table.

For example:

/etc/postfix/main.cf:
    smtpd_recipient_restrictions =
        reject_unlisted_recipient
        permit_mynetworks
        ...
        reject_unauth_destination
        check_recipient_access hash:/etc/postfix/recipient_access
        [RFC compliance checks here]
        ...

/etc/postfix/recipient_access
    example.com OK

> So what I had in mind now is, that those emails don't get rejected, but
> delivered to a special spam-folder in the users maildir.

Unformtunately, Postfix has no built-in feature to label mail.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: How to get that working? Use a plociy-daemon?

Max Zimmermann
On 22.08.2008 21:50, Wietse Venema wrote:

> To avoid RFC compliance checks for domain example.com, put them after
> a recipient access table.
>
> For example:
>
> /etc/postfix/main.cf:
>     smtpd_recipient_restrictions =
> reject_unlisted_recipient
> permit_mynetworks
> ...
> reject_unauth_destination
> check_recipient_access hash:/etc/postfix/recipient_access
> [RFC compliance checks here]
> ...
>
> /etc/postfix/recipient_access
>     example.com OK
>
>  
Thanks for that hint! And sorry for not thinking of that myself.
>
> Unformtunately, Postfix has no built-in feature to label mail.
>
> Wietse
>  
Ah allright. I will look a little deeper into the different policy deamons.

Thanks again!

--
Cheers,

Max


Linux-User #477672
PGP: 0x9CD7ED53


signature.asc (916 bytes) Download Attachment