Re: Postfix resent messages detection

Fri, 17 Feb 2012 09:32:29 -0800 


Le 17. 02. 12 17:06, Reindl Harald a écrit :


Am 17.02.2012 17:00, schrieb Simon Hintermann:

Hello all,

here is my problem:

I have several hosting servers, sending mails from authenticated users, web 
scripts, web pages, and so on... I
cannot monitor everything, and our greatest problem is outgoing unauthorized 
mails. we experience 10'000 mails spam
campaigns every week or so... No need to says that this is no good for 
blacklisting.

As I have root access everywhere, I can construct an exhaustive list of allowed 
sender domains.

Then I build up a new mail gateway dedicated to outgoing mails, and configure 
it as follows:

smtpd_sender_restrictions =
         check_sender_access hash:/etc/postfix/sender_access
         reject_unverified_sender
         warn_if_reject
         reject

Now I get a warning in my logs every time a potentially unauthorized mails goes 
out.

But I can't have any visibility over redirected mails. We've got several users 
that configure their mailbox to
resend their email on another external mailbox, and we do not want to consider this kind 
of mail as "unwanted"!

I have seen nothing and everything about this kind of mail, and I wonder if 
postfix is by any way able to detect
this kind of mail...? The real problem, as I understand it, is that I want to 
configure this Postfix as an
independant server, that would be the "relayhost" of all our hosting servers...

this kind of mail does NOT use smtp at all and so it is not affected by smtpd_* 
restrictions
if your MDA like dovecot or dbmail is forwarding a message it is using the 
sendmail-binary
and the messages are catched by pickup, so the problem you imagine does not 
exist in
almost any setup





Okay... perhaps I explained it poorly, or did I actually not understood 
a word of your explaination...



The case I cannot detect is:


SENDER  (a...@toto.com) sends an email to b...@domain.com
||
v
WEBSERVER (b...@domain.com forwards all mails to b...@yahoo.com)
||
v

MAIL GATEWAY (local domains: domain.com) sees a mail with a "From: 
a...@toto.com" header and says that this is an unwanted mail

||
v
warning and pass to yahoo.com or simply drop...

--
Meilleures Salutations
Freundliche Grüsse
Best regards

Simon Hintermann

www.ganesh-consulting.ch

informations :
i...@ganesh-consulting.ch
Tél. 021/921 76 74
Fax. 021/964.17.91
Skype : ganesh.consulting
























					Reply via email to