Whitelist: ~user/.postfix_whitelist; chmod 600 .postfix_whitelist?


Radio Tron
Hi, I'm a volunteer on an OpenBSD free-shell (cyberspace.org). Staff has turned off email because of SPAM (hogs our bandwidth and staff time).

1. Can we configure postfix such that it first checks a user's home directory for a .postfix_white-list file and accepts mail (MAIL FROM:) only if there is a match between what's in the white-list file and what it sees in the MAIL FROM field?

2. Can we configure outgoing mail such that postfix delivers only 5-mails/5-hours/user?

3. Can we group users into categories? Some get 0mails/hr, 5m/5h, 10m/5hr etc..

4. Can we collect statistics to see who receives and sends a lot of mail?? (mailing list traffic, etc)
--------

I checked the Definitive guide but it talks of a system-wide white-list of domains (smtpd_sender_restrictions), but I was wondering if you could do that on an individual basis.. setting up some kind of regex (*.yahoo.com or [hidden email]) which can be removed when required if she turns abusive. Basically we could then provide a web-based white-list adding program on the user's home page. Is there some way to store the hash postfix uses in each individual user's home_dir vs storing it centrally??

Thank you for your time.


     

Re: Whitelist: ~user/.postfix_whitelist; chmod 600 .postfix_whitelist?

Wietse Venema
Radio Tron:
> Hi, I'm a volunteer on an OpenBSD free-shell (cyberspace.org).
> Staff has turned off email because of SPAM (hogs our bandwidth
> and staff time).

> 1. Can we configure postfix such that it first checks a user's
> home directory for a .postfix_white-list file and accepts mail
> (MAIL FROM:) only if there is a match between what's in the
> white-list file and what it sees in the MAIL FROM field?

First of all, no SMTP server will be able to read mode 0600 user
files unless you have some program running with root privileges.
Having a root-privileged program near an SMTP port is not a good
idea, so you may want to revise your design.

For complex policies like this, Postfix relies on extensions.

a) The Postfix SMTP server can query a non-Postfix policy server,
which speaks a trivial protocol and can look up user preferences.
An example Perl-based policy server is included with Postfix source.

b) The Postfix SMTP server can send incoming mail through a
non-Postfix SMTP-based content filter that implements access policies
such as buddy lists, automatic whitelists etc. This is a common
feature in content filters.

Either way, this allows you to reject mail before it enters the queue.

> 2. Can we configure outgoing mail such that postfix delivers only
> 5-mails/5-hours/user?

You can configure this in the Postfix SMTP server side (with built-in
smtpd_client_message_rate_limit, with a non-Postfix policy server,
or non-Postfix SMTP-based content filter).

> 3. Can we group users into categories? Some get 0mails/hr, 5m/5h,
> 10m/5hr etc..

Yes, via extension mechanisms: non-Postfix policy server or the
non-Postfix SMTP-based content filter.

> 4. Can we collect statistics to see who receives and sends a lot
> of mail?? (mailing list traffic, etc) --------

Yes, via logfile analysis and via the extension mechanisms.

> I checked the Definitive guide but it talks of a system-wide
> white-list of domains (smtpd_sender_restrictions), but I was
> wondering if you could do that on an individual basis.. setting
> up some kind of regex (*.yahoo.com or [hidden email]) which
> can be removed when required if she turns abusive. Basically we
> could then provide a web-based white-list adding program on the
> user's home page. Is there some way to store the hash postfix uses
> in each individual user's home_dir vs storing it centrally??

By design, the Postfix SMTP server is not supposed to poke around
in the user's home directory.  

However, an extension such as policy server or SMTP-based content
filter can do whatever you want it to do.

Of course you can also hack it into qpsmtpd, but then you get to
maintain undocumented code (and be cursed by your successors).

        Wietse
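
The policy-server route from option (a) above, sketched as an added example (not part of the original thread and not the Perl example shipped with Postfix): it parses one policy delegation request and checks the sender against the recipient's own whitelist. The addresses, the `WHITELISTS` table, and the choice to answer DUNNO for bounces and for users without a whitelist are assumptions made for illustration.

```python
import fnmatch

# Constructed sample data. A real daemon would load these from files that its
# own unprivileged account can read, so nothing near the SMTP port needs root.
WHITELISTS = {
    "alice@shell.example": ["bob@example.org", "*@*.yahoo.com"],
}

def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.split("\n"):
        if not line:                      # empty line terminates the request
            break
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs

def decide(attrs, whitelists=WHITELISTS):
    """Return the access action for one parsed request."""
    if attrs.get("request") != "smtpd_access_policy":
        return "DUNNO"
    if attrs.get("protocol_state") != "RCPT":
        return "DUNNO"                    # decide once the recipient is known
    sender = attrs.get("sender", "").lower()
    recipient = attrs.get("recipient", "").lower()
    patterns = whitelists.get(recipient)
    if patterns is None:
        return "DUNNO"                    # assumption: no whitelist, no opinion
    if sender == "":
        return "DUNNO"                    # assumption: null sender (bounce) passes
    # fnmatchcase anchors the whole string, so "yahoo.com.evil.example"
    # does not satisfy "*@*.yahoo.com".
    if any(fnmatch.fnmatchcase(sender, p.lower()) for p in patterns):
        return "DUNNO"                    # not OK: later restrictions still apply
    return "REJECT sender not on recipient's whitelist"

def respond(request_text):
    """Build the reply in wire format: action line plus an empty line."""
    return "action=%s\n\n" % decide(parse_request(request_text))
```

Postfix would reach such a daemon through `check_policy_service` in `smtpd_recipient_restrictions`. Answering DUNNO rather than OK for a whitelisted sender keeps the remaining restrictions in that list in force.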

Re: Whitelist: ~user/.postfix_whitelist; chmod 600 .postfix_whitelist?

Terry Carmen
In reply to this post by Radio Tron
Quoting Radio Tron <[hidden email]>:

> Hi, I'm a volunteer on an OpenBSD free-shell (cyberspace.org). Staff  
> has turned off email because of SPAM (hogs our bandwidth and staff  
> time).
>
> 1. Can we configure postfix such that it first checks a user's home  
> directory for a .postfix_white-list file and accepts mail (MAIL  
> FROM:) only if there is a match between what's in the white-list  
> file and what it sees in the MAIL FROM field?
>
> 2. Can we configure outgoing mail such that postfix delivers only  
> 5-mails/5-hours/user?
>
> 3. Can we group users into categories? Some get 0mails/hr, 5m/5h,  
> 10m/5hr etc..

If you're talking about inbound mail, you'll have better luck using a  
good RBL or two.

If you're talking about your users sending spam, you might want to  
look into amavisd-new and spamassassin. You can capture the  
"spam-level" in maillog, have a script parse it, and block users that  
send too much spammy-looking mail, until they've been reviewed by an  
admin.

Terry


Re: Whitelist: ~user/.postfix_whitelist; chmod 600 .postfix_whitelist?

Radio Tron
In reply to this post by Wietse Venema
Hi, thank you for the help. Terry, I checked out: Postgrey instead. It doesn't do what I want (system-wide cfg file) and no rate-limiting, so I decided to try my own hand at it (I still need to check out Amavisd):

I wrote a small perl script and it's able to OK and REJECT the stuff BUT:
1. How do I handle local mail being delivered by programs like 'mail'?
So long as the mail arrives via port 25, I have no issues and my policy script is able to see the stuff, but when I do a 'mail root', it doesn't work.
2. I assume that after and prior to the MAIL FROM: RCPT TO:, normal Postfix handling and rules apply?? I hope that's not getting turned off! All I want to do is stick my snout in and say yes/no to specific users and JUNK everyone else.

3. How do I handle bounced mail and postmaster.. create a white-list file for postmaster and put a rule saying PASS all.. will that create a loophole where scumbags can spoof the FROM: field???

Please don't waste your time answering in detail. Just a rough yes/no, possible/not-possible will suffice. I guess I'd have to read the Definitive guide thoroughly to get a handle on this properly.


     

Re: Whitelist: ~user/.postfix_whitelist; chmod 600 .postfix_whitelist?

Stan Hoeppner
Radio Tron put forth on 2/3/2010 8:22 AM:

> 3. How do I handle bounced mail and postmaster.. create a white-list file for postmaster and put a rule saying PASS all.. will that create a loophole where scumbags can spoof the FROM: field???

The scumbags always spoof the FROM: field.  You can whitelist the postmaster
address but still reject stuff destined to it containing [hidden email].
Should be at least a couple methods to do this.

--
Stan

Re: Whitelist: ~user/.postfix_whitelist; chmod 600 .postfix_whitelist?

Wietse Venema
In reply to this post by Radio Tron
Radio Tron:
> Hi, thank you for the help. Terry, I checked out: Postgrey instead.
> It doesn't do what I want (system-wide cfg file) and no rate-limiting,
> so I decided to try my own hand at it (I still need to check out
> Amavisd):

> I wrote a small perl script and it's able to OK and REJECT the
> stuff BUT:  1. How do I handle local mail being delivered by
> programs like 'mail'? So long as the mail arrives via port 25, I
> have no issues and my policy script is able to see the stuff, but
> when I do a 'mail root', it doesn't work.

You can restrict "mail" command submission (with the main.cf
authorized_submit_users parameter) to root etc. accounts, and force
ordinary users to use SMTP.  Many command-line tools including MUTT
and PINE have a submit-via-smtp option.

There is a nice plugin at policyd.org that implements various SMTP
limits for Postfix.

> 3. How do I handle bounced mail and postmaster.. create a white-list
> file for postmaster and put a rule saying PASS all.. will that
> create a loophole where scumbags can spoof the FROM: field???

That is best done inside the extension: in a policy daemon or
content filter.

        Wietse