Am 17.02.2012 17:00, schrieb Simon Hintermann: > Hello all, > > here is my problem: > > I have several hosting servers, sending mails from authenticated users, web > scripts, web pages, and so on... I > cannot monitor everything, and our greatest problem is outgoing unauthorized > mails. we experience 10'000 mails spam > campaigns every week or so... No need to says that this is no good for > blacklisting. > > As I have root access everywhere, I can construct an exhaustive list of > allowed sender domains. > > Then I build up a new mail gateway dedicated to outgoing mails, and configure > it as follows: > > smtpd_sender_restrictions = > check_sender_access hash:/etc/postfix/sender_access > reject_unverified_sender > warn_if_reject > reject > > Now I get a warning in my logs every time a potentially unauthorized mails > goes out. > > But I can't have any visibility over redirected mails. We've got several > users that configure their mailbox to > resend their email on another external mailbox, and we do not want to > consider this kind of mail as "unwanted"! > > I have seen nothing and everything about this kind of mail, and I wonder if > postfix is by any way able to detect > this kind of mail...? The real problem, as I understand it, is that I want to > configure this Postfix as an > independant server, that would be the "relayhost" of all our hosting > servers...
this kind of mail does NOT use smtp at all and so it is not affected by smtpd_* restrictions if your MDA like dovecot or dbmail is forwarding a message it is using the sendmail-binary and the messages are catched by pickup, so the problem you imagine does not exist in almost any setup
signature.asc
Description: OpenPGP digital signature
