configuring action for user-specified routing attempt

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

configuring action for user-specified routing attempt

Kevin Mack-2
Is there a way to configure Postfix to reject and generate an error
message on user-specified routing attempts? In the following example,
Postfix ignores the routing, but I'd like it to reject this kind of
mail.

Example:

HELO testdomain.com

250 mailhost.mydomain

MAIL FROM:<[hidden email]>

250 2.1.0 Ok

RCPT TO:<@testdomain.com:[hidden email]>

250 2.1.5 Ok

DATA

354 End data with <CR><LF>.<CR><LF>

mail relay test

.

250 2.0.0 Ok: queued as 9AB571897E8


Kevin
Reply | Threaded
Open this post in threaded view
|

Re: configuring action for user-specified routing attempt

mouss-2
Kevin Mack wrote:

> Is there a way to configure Postfix to reject and generate an error
> message on user-specified routing attempts? In the following example,
> Postfix ignores the routing, but I'd like it to reject this kind of
> mail.
>
> Example:
>
> HELO testdomain.com
>
> 250 mailhost.mydomain
>
> MAIL FROM:<[hidden email]>
>
> 250 2.1.0 Ok
>
> RCPT TO:<@testdomain.com:[hidden email]>
>
> 250 2.1.5 Ok
>
> DATA
>
> 354 End data with <CR><LF>.<CR><LF>
>
> mail relay test
>
> .
>
> 250 2.0.0 Ok: queued as 9AB571897E8


well, rfc2821 deprecated source routing but asked to continue supporting
it. there is a similar problem with "old hacks" (percent, bang, ...). I
don't see spam trying to use these, so I don't think there is a problem
here. "no reason to get exited", the thief he kindly spoke.


if you can't but get exited, then use access restrictions

/[%!@].*@/ reject unknown recipient in some table

More generally, you can check the recipient to make sure it matches your
acceptable formats (aka "address scheme"). I have few acceptable
formats, and if the recipient is "too far", it goes to a "pseudo-trap"
which sa-learn likes to eat...







Reply | Threaded
Open this post in threaded view
|

Re: configuring action for user-specified routing attempt

Wietse Venema
In reply to this post by Kevin Mack-2
Kevin Mack:
> RCPT TO:<@testdomain.com:[hidden email]>

Postfix looks only at the part with [hidden email].

The routing portion was deprecated many years ago, and Postfix
simply discards it; it isn't even available for access map or policy
checks.

        Wietse