Re: check_badrcptto, to prevent backscatter

Sat, 05 Feb 2011 06:23:24 -0800 

On Saturday 05 February 2011 08:38:12 Todd Brunhoff wrote:
>   I have a small email server that is just for my wife and I. The
> biggest problem I have is backscatter (mail received with invalid local
> address that bounces to an invalid sender address). So the following
> script blocks all of this at the point of receipt, inside qpsmtpd. Could
> not find it anywhere else so I wrote this. Comments welcome.

I did a similar thing but seeing how I'd started off using qmail before 
discovering qpsmtpd, mine reads the qmail config files /var/qmail/users/assign 
including reading alias files configured in there - this way I have a standard 
qmail setup with partial wildcards addresses and have aliases for postmaster, 
abuse (and qmail handles things like forwarding email on to other addresses 
etc).

So I then hand out different email addresses to different people ("tim_XYZ" to 
company XYZ etc) knowing that the prefix rule will accept any such email that I 
invent, but if any one address leaks or otherwise becomes too spammy then I 
block that explicit address with another plugin that runs BEFORE this one 
which checks a specific list and refuses anything from its own config list. I'm 
not sure if the check_badrcptto is a "standard" plugin or one I simply cobbled 
from elsewhere, so it's attached too.

Of course if you don't use qmail for final delivery, then this may not be so 
useful but it seemed better than coming up with my own user list and wildcards 
and alias mechanisms :)

Cheers

--
Tim

# this plugin checks the badrcptto config (like badmailfrom for rcpt address)

sub register {
  my ($self, $qp) = @_;
  $self->register_hook("rcpt", "check_for_badrcptto");
}

sub check_for_badrcptto {
  my ($self, $transaction, $recipient) = @_;
  my @badrcptto = $self->qp->config("badrcptto") or return (DECLINED);
  return (DECLINED) unless $recipient->host && $recipient->user;
  my $host = lc $recipient->host;
  my $from = lc($recipient->user) . '@' . $host;
  for (@badrcptto) {
    my($bad,$denyhard) = /^\s*(\S+)\s*(\S*)/ or next;
    my $denycode = $denyhard ? DENYHARD : DENY;
    $bad = lc $bad;

    return ($denycode, "mail to $bad not accepted here")
      if $bad eq $from;
    return ($denycode, "mail to $bad not accepted here")
      if substr($bad,0,1) eq '@' && $bad eq "\@$host";
  }
  return (DECLINED);
}

Attachment: check_goodrcptto
Description: Perl program

Reply via email to