Hello Markus,
Thanks very much for your reply. I didn't come across Cookbook in my
searches but I don't think I will need it now as I'm very pleased to
report I got my first test policy implemented yesterday evening. Don't
laugh, all it does so far is block senders where 'sender' doesn't match
'sasl-user'. Everyone has to start somewhere, right? It does put me in a
place where I can write customised policies now. I was thinking of
using mysql but everyone seems to use Berkeley DB? Maybe worth
considering as it has a locking arrangement.
One of my user email accounts was compromised a couple of months ago and
over a period of 5 hours thousands of SPAM messages were sent. Grrrr!
Since then I have become rather paranoid, checking the mail log whenever
I can, looking for "Relay=" and auth failures, and manually barring IPs
that repeatedly fail to log in. I need to relax a bit so decided to try
and write a SPAM limitation policy, as in:
    if (X number of messages sent in Y time), {
        external relay access blocked until user resets password
    }.
To do this I needed to read the SASL_USERNAME field into Perl in order
to log and count SMTP requests to their account; now I can, thanks to
help given here. I think by Thursday I will have a test version of it
up and running.
So far with just sasl != user;
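................
use strict;
use warnings;

# Attributes taken from the Postfix policy request. Values keep their
# trailing newline, so an attribute sent with an empty value reads as "\n".
my $client_address = "";
my $client_name = "";
my $reverse_client_name = "";
my $helo_name = "";
my $sender = "";
my $recipient = "";
my $recipient_count = "";
my $sasl_username = "\n";
my $request = "";    # raw copy of the whole request
my $c = 0;

# Read name=value lines until the empty line that ends the request.
while ($c == 0) {
    my $line = <STDIN>;
    last unless defined $line;    # end of input: stop instead of looping forever
    $request .= $line;
    if ($line =~ /=/) {
        my ($key, $value) = split(/=/, $line, 2);
        if ($key eq "client_address") { $client_address = $value; }
        if ($key eq "client_name") { $client_name = $value; }
        if ($key eq "reverse_client_name") { $reverse_client_name = $value; }
        if ($key eq "helo_name") { $helo_name = $value; }
        if ($key eq "sender") { $sender = $value; }
        if ($key eq "recipient") { $recipient = $value; }
        if ($key eq "recipient_count") { $recipient_count = $value; }
        if ($key eq "sasl_username") { $sasl_username = $value; }
    }
    if ($line eq "\n") { $c = 1; }
}

# Default is no opinion; reject when an authenticated user sends as someone else.
my $action = "action=DUNNO\n\n";
if ($sasl_username ne "\n") {
    if ($sasl_username ne $sender) {
        $action = "action=REJECT Wrong sender\n\n";
    }
}
print $action;
.......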
Thanks for your suggestion,
Mick.
Benning, Markus wrote:
On 2015-02-27 14:45, MickTW8 wrote:
This issue I have is knowing how to read any of the attributes listed
here
www.postfix.org/SMTPD_POLICY_README.html#protocol
Hello Mick,
it may be an option for you to implement your code as a plugin for
mtpolicyd.
There's documentation for writing a simple plugin at:
https://www.mtpolicyd.org/getting-started.html#Mail::MtPolicyd::Cookbook::BasicModule
Then you won't have to care about accepting connections, parsing,
logging and so on.
Another option may be to just copy over the Request class to your
project and remove dependencies on Net::Server, etc. from it:
https://github.com/benningm/mtpolicyd/blob/master/lib/Mail/MtPolicyd/Request.pm
Markus
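
The limit sketched in the message above (X messages in Y time, then blocked until the password is reset), as an added example that is not code from this thread or from mtpolicyd. The thresholds, the state file path and the reject text are assumptions; state is kept in a Storable file under flock so that separate policy processes started by Postfix share one set of counters.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Fcntl qw(:flock);
use Storable qw(store retrieve);

# Assumed values, not from the thread: X, Y and the state file location.
my $MAX_MSGS = 100;      # X: requests allowed per window
my $WINDOW   = 3600;     # Y: window length in seconds
my $STATE    = $ARGV[0] // '/var/lib/policy/ratelimit.db';   # hypothetical path

# Read one request ("name=value" lines ended by an empty line) into a hash ref.
sub read_request {
    my ($fh) = @_;
    my %attr;
    while (defined(my $line = <$fh>)) {
        chomp $line;
        return \%attr if $line eq '';
        my ($key, $value) = split /=/, $line, 2;
        $attr{$key} = $value if defined $value;
    }
    return;              # input closed: nothing more to answer
}

# Count this request against the user and return the policy action.
sub decide {
    my ($user, $now) = @_;
    return 'DUNNO' if $user eq '';       # no SASL login: nothing to count
    open(my $lock, '>>', "$STATE.lock") or return 'DEFER_IF_PERMIT Policy error';
    flock($lock, LOCK_EX);               # serialise the read-modify-write
    my $db = (-e $STATE) ? retrieve($STATE) : {};
    my $u  = $db->{$user} //= { times => [], blocked => 0 };
    if (!$u->{blocked}) {
        @{ $u->{times} } = grep { $_ > $now - $WINDOW } @{ $u->{times} };
        push @{ $u->{times} }, $now;
        # Once set, the flag stays until the password-reset step deletes the entry.
        $u->{blocked} = 1 if @{ $u->{times} } > $MAX_MSGS;
        store($db, $STATE);
    }
    close $lock;                         # closing releases the lock
    return $u->{blocked} ? 'REJECT Sending limit reached, reset your password'
                         : 'DUNNO';
}

$| = 1;                                  # answer each request immediately
while (my $req = read_request(\*STDIN)) {
    my $user = lc($req->{sasl_username} // '');
    print 'action=', decide($user, time), "\n\n";
}
```

Each policy request counts once, so the restriction list the service is attached to decides whether the limit is per recipient or per message.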