Hi
I've just released the first version of Postwhite, a policy server for Postfix which implements whitelisting. These per-recipient whitelists are entirely managed by use of emails. http://www.bitcetera.com/products/postwhite Here's a real-life example of what Postwhite does: Arthur‘s main email address [hidden email] is great for everyday use, but he doesn‘t want to pollute it by using it for mailing lists, websites, online shopping and such. Postwhite to the rescue! Arthur creates a virtual email address [hidden email] which is delivered to the same mailbox. Initially, all incoming emails will be rejected, so when Arthur decides to join the Betelgeuse mailing list (digest), his whitelist has to learn about this. Arthur sends an empty email to [hidden email] which puts Postwhite into learning mode for a limited period of time. In learning mode, Postwhite allows and delivers any incoming mails, yet it delivers a followup notification message along with it. When the first email from the Betelgeuse mailing list comes in, Arthur simply replies to the corresponding notification message thus adding Betelgeuse to the whitelist. It's still a very early version and maybe not yet fit for high traffic MTAs. But I'd love to hear what you think about the idea and implementation of Postwhite. And I have quite a few ideas for future features (see FAQ) provided there's public interest and maybe even some sponsor. Postwhite is written in Ruby, "all in one file" and thus very easy to install. There's also an ebuild available for Gentoo Linux users. (The ebuild is in queue for inclusion in the Gentoo Sunrise Overlay within the next few days.) Cheers, -sven |
On Thursday 24 July 2008 12:37, Sven Schwyn wrote:
> Hi > > I've just released the first version of Postwhite, a policy server for > Postfix which implements whitelisting. These per-recipient whitelists > are entirely managed by use of emails. > > http://www.bitcetera.com/products/postwhite > > Here's a real-life example of what Postwhite does: > > Arthur‘s main email address [hidden email] is great for everyday use, > but he doesn‘t want to pollute it by using it for mailing lists, > websites, online shopping and such. Postwhite to the rescue! Arthur > creates a virtual email address [hidden email] which is delivered > to the same mailbox. > > Initially, all incoming emails will be rejected, so when Arthur > decides to join the Betelgeuse mailing list (digest), his whitelist > has to learn about this. Arthur sends an empty email to > [hidden email] which puts Postwhite into learning mode for a > limited period of > time. In learning mode, Postwhite allows and delivers any incoming > mails, yet it delivers a followup notification message along with it. > When the first email from the Betelgeuse mailing list comes in, Arthur > simply replies to the corresponding notification message thus adding > Betelgeuse to the whitelist. > mail address from the mailing list archives and use it as the Mail From address in spam they send to him. Scott K |
On Fri, 25 Jul 2008 06:32:13 am Scott Kitterman wrote:
> You appear to have missed the next step where spammers scrape Arthur's list > mail address from the mailing list archives and use it as the Mail From > address in spam they send to him. > > Scott K Just need to make sure the list owner has deployed SPF and DKIM before then :-) -- Daniel Black -- Proudly a Gentoo Linux User. Gnu-PG/PGP signed and encrypted email preferred http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x76677097 GPG Signature D934 5397 A84A 6366 9687 9EB2 861A 4ABA 7667 7097 |
On Fri, July 25, 2008 12:28, Daniel Black wrote: > Just need to make sure the list owner has deployed SPF and DKIM before > then :-) does not help here, its the maillist USER that should provide a spf on domain he is sending from, then the maillist-owner can reject forged mails to the maillist, that is step one :-) number 2 is that maillist can have spf on the maillist return-path olso to make shure maillist sender does not send direct with the return-path on maillist without have seen it on maillist now trying dkim -- Benny Pedersen Need more webspace ? http://www.servage.net/?coupon=cust37098 |
In reply to this post by Svoop
On Fri, 25 Jul 2008 20:28:45 +1000 Daniel Black
<[hidden email]> wrote: >On Fri, 25 Jul 2008 06:32:13 am Scott Kitterman wrote: >> You appear to have missed the next step where spammers scrape Arthur's list >> mail address from the mailing list archives and use it as the Mail From >> address in spam they send to him. >> >> Scott K > >Just need to make sure the list owner has deployed SPF and DKIM before >then :-) > My first thought when I read that was 'or' not 'and'. My second was, 'Not really'. Based on the example, he's whitelisting based on Rcpt To. In my counter example the local domain is being used in both Mail From and Rcpt To, so the only domain's SPF that might enter into this is his own. SPF can be used to reject such messages, but there are other ways to do it for your own domains. The policy service does not have access to the message body, so no DKIM either. A domain level whitelist function based on SPF Pass or good DKIM signatures would potentially be useful (no way to do the latter in a policy server in any case), but that doesn't seem to be what's on offer here. Scott K |
On Fri, July 25, 2008 14:05, Scott Kitterman wrote: > Based on the example, he's whitelisting based on Rcpt To. In my counter > example the local domain is being used in both Mail From and Rcpt To, so dont test spf on this 2 headers > the only domain's SPF that might enter into this is his own. wroung, see headers from this maillist > SPF can be used to reject such messages, but there are other ways to > do it for your own domains. i have seen one sending back bounces to maillist with my email as return-path very cleever done when i see the bounce > The policy service does not have access to the message body, so no DKIM > either. yes a shame dkim does not integrade well, but atleast if it works in postfix we can downgrade to sendmail and keep our milter setup stilll going, with is not bad at all > A domain level whitelist function based on SPF Pass or good DKIM > signatures would potentially be useful (no way to do the latter > in a policy server in any case), but that doesn't seem to be > what's on offer here. policyd-weight have missed spf and greylist for so long now, if this was weighted 2 then it was good, do greylist when spf fail, or skip greylist when spf pass -- Benny Pedersen Need more webspace ? http://www.servage.net/?coupon=cust37098 |
In reply to this post by Svoop
On Thu, 24 Jul 2008 16:32:13, Scott Kitterman wrote
> You appear to have missed the next step where spammers scrape > Arthur's list > mail address from the mailing list archives and use it as the Mail > From > address in spam they send to him. That won't work because Arthur can't send any messages to himself unless he puts his own domain or email on the whitelist. Command mails from/to yourself are DISCARDED unless they are sent with SASL authentication. What you could do on the other hand is use the list's domain as a forged sender. However, at this stage no spam I get is doing this which is why I ignored this case for 0.1.0. (Besides, I don't think of Postwhite as a magic stick, more another brick in the wall. For me, it cuts SPAMs down from 10 per day to 1 per week at this point.) DKIM can't be added to a policy server by design. SPF on the other hand is doable. And it should do the trick because Postwhite only makes sense if you subscribe to a digest that comes from the list owner and not from the original sender. (Postwhite by design is worthless if you subscribe to a mailinglist's "individual mails" instead of a digest.) In addition, the client_name or reverse_client_name could be recorded along with the whitelist entry to kick forged mails sent via another MTA. The only flipside to this is that should the list owner for whatever reason change the MTA, the whitelist would no longer deliver. The same, however, is true if the list changes its domain. A weekly automatic status message which lists these cases could at least alert the user that he might have missed someting. Good thing about mailing lists - they all have archives. Thanks for your thoughts, more, please :-) PS: I'll be offline till Tuesday. |
In reply to this post by Svoop
Sven Schwyn wrote:
> Hi > > I've just released the first version of Postwhite, a policy server for > Postfix which implements whitelisting. These per-recipient whitelists > are entirely managed by use of emails. It's a nice thought - and I like seeing something controlled via e-mail instead of modifying config files or maps. However, something which might be more beneficial for day-to-day operations (instead of subscriptions) would to automatically whitelist recipients from authorized senders. So once someone within your organization sends someone else a message - replies are immediately accepted. You might want to take a look at how ASSP performs this and other operations. While I love what ASSP has done for my installs with Postfix - I'd also like to see a Postfix policy server implementation instead of ASSP's proxy method. -- Daniel |
Free forum by Nabble | Edit this page |