Hi,
> > I have a fedora43 system with postfix and managed to get cbpolicyd > running. Now I can't figure out how to connect it to postfix only for > submission users. > > The problem I'm trying to address is to limit runaway sasl-authenticated > accounts that are compromised and sending spam. > > I am using it for the same purpose. You can keep it in the recipient > restrictions (but sender restrictions are better). > In the web interface, you define Quotas to track "SASLUsername". So it > will ignore email with no authenticated username. I then define > several Policies Groups and assign some SASL users (in the format > "[email protected]") to those groups to allow some senders higher > volumes. > > I have modified the web interface, so it allows me to define Action as > PREPEND - it just prepends my custom header to the email and I use > header_checks to put the tagged emails into the HOLD postfix queue for > manual release/delete. > > Besides this, I have a monitoring script which counts from how many > countries a single SASL login has been logged in the last 24 hours. In > case too many, it creates an alert + automatically adds the login to > the Policy Group which has only 1 mail per day allowed. But we will > switch to Geo-locking the accounts soon. > This is very helpful, thanks. How did you connect it to postfix? I'm also curious what OS/version you're using? It took quite a bit of work to build a package for fedora with cbpolicyd and awit-perl-toolkit, given it's such old code. It was also very difficult to find. Maybe I'm using the wrong version?
_______________________________________________ Postfix-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
