LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 11-28-2006, 04:56 AM   #1
carlmarshall
Member
 
Registered: Jan 2004
Location: North Yorkshire, UK
Distribution: Centos 5
Posts: 133

Rep: Reputation: 16
Postfix whitelisting by recipient address?


Hi,

I am using a Postfix mail server using MySQL for virtual users and have several rules for blocking UCE configured. In addition, I am using an SQL table for whitelisting sender email addresses which works very well.

However I have a customer who receives email from a wide variety of clients and doesn't know in advance what their email address will be. Typically, many of these get blocked by my blackhole filters.

Does anyone know of a method by which I can apply a whitelist based on recipient address rather than on sender address?

Just had a thought on the subject: I suspect that I could use smtpd_restriction_classes eg:

smtpd_restriction_classes= filtered, unfiltered

However all of my domains etc. are virtual and change often. Does anyone have an idea as to how to read class members from an SQL database?

Cheers,

Carl.

Last edited by carlmarshall; 11-28-2006 at 06:54 AM.
 
Old 12-04-2006, 06:02 AM   #2
gani
Member
 
Registered: Jun 2004
Location: Metro Manila, Philippines
Distribution: OpenBSD, Slackware, XP
Posts: 347

Rep: Reputation: 31
Performing a simple reverse lookup should validate your domain's existense and thus if it exists, it won't be suspected as being used by spammers since spammers do usually use fake domains or short-lived domains.

The first example shows that it can't resolve to what domain that IP is pointed to.

@webmaster:~$ host your.internet.ip.add
Host your.internet.ip.add.in-addr.arpa not found: 3(NXDOMAIN)

This one next is what should be expected.

@webmaster:~$ host your.internet.ip.add
your.internet.ip.add.in-addr.arpa domain name pointer your.domain.com.
 
Old 12-04-2006, 06:06 AM   #3
gani
Member
 
Registered: Jun 2004
Location: Metro Manila, Philippines
Distribution: OpenBSD, Slackware, XP
Posts: 347

Rep: Reputation: 31
Sorry, I've mistaken sending this reply to this thread. It should not be here.

I've never noticed that my browser window is on the wrong thread.

Sorry guys...
 
Old 12-04-2006, 06:07 AM   #4
carlmarshall
Member
 
Registered: Jan 2004
Location: North Yorkshire, UK
Distribution: Centos 5
Posts: 133

Original Poster
Rep: Reputation: 16
Not a problem gani!

Hope you sort someone's problem, even if it's not mine!

Carl.
 
Old 12-07-2006, 07:12 AM   #5
gani
Member
 
Registered: Jun 2004
Location: Metro Manila, Philippines
Distribution: OpenBSD, Slackware, XP
Posts: 347

Rep: Reputation: 31
I've come across with this file on my server that came from a contribution from a Japanese developer regarding tarpiting patch for postgrey. It is named whitelist_recipient with example lines included as

Code:
# *** whitelist recipient ***
postmaster@mydomain.example          OK
abuse@mydomain.example               OK
Though I'm not using this and just decided posting this in thinking that this might help you or provide you with some idea.

This should be included in smtpd_recipient_restrictions in main.cf as ordered

Code:
smtpd_recipient_restrictions =
      permit_mynetworks
      permit_sasl_authenticated
      reject_unauth_destination
      check_recipient_access hash:/etc/postfix/whitelist_recipient   # HERE
      check_recipient_access mysql:/etc/postfix/mysql-recipient.cf   # just an example
      reject_invalid_hostname
      reject_non_fqdn_sender
      reject_non_fqdn_hostname
      reject_unknown_sender_domain
      ... others...
      .... etc.
      permit
# postmap /etc/postfix/whitelist_recipient
# postfix reload

-Gani
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix: Is it possible to rewrite sender address only for selective recipient? Akhran Linux - Software 3 08-15-2006 10:48 AM
Postfix: Recipient address rejected: Relay access denied; stormrider_may Linux - Networking 5 02-18-2006 05:38 AM
postfix question - whitelisting wijnands Linux - Software 2 03-30-2005 03:28 AM
Postfix error - Recipient address rejected: Relay access denied robbiemorgan Linux - Newbie 1 10-01-2004 03:57 AM
postfix - wrong recipient address iliah Linux - Networking 2 09-26-2004 09:34 AM


All times are GMT -5. The time now is 05:25 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration