Radio Tron:
> Hi, I'm a volunteer on an OpenBSD free-shell (cyberspace.org).
> Staff has turned off email because of SPAM (hogs our bandwidth
> and staff time).
> 1. Can we configure postfix such that it first checks a user's
> home directory for a .postfix_white-list file and accepts mail
> (MAIL FROM:) only if there is a match between what's in the
> white-list file and what it sees in the MAIL FROM field?
First of all, no SMTP server will be able to read mode 0600 user
files unless you have some program running with root privileges.
Having a root-privileged program near an SMTP port is not a good
idea, so you may want to revise your design.
For complex policies like this, Postfix relies on extensions.
a) The Postfix SMTP server can query a non-Postfix policy server,
which speaks a trivial protocol and can look up user preferences.
An example Perl-based policy server is included with Postfix source.
b) The Postfix SMTP server can send incoming mail through a
non-Postfix SMTP-based content filter that implements access policies
such as buddy lists, automatic whitelists etc. This is a common
feature in content filters.
Either way, this allows you to reject mail before it enters the queue.
> 2. Can we configure outgoing mail such that postfix delivers only
> 5-mails/5-hours/user?
You can configure this in the Postfix SMTP server side (with built-in
smtpd_client_message_rate_limit, with a non-Postfix policy server,
or non-Postfix SMTP-based content filter).
> 3. Can we group users into categories? Some get 0mails/hr, 5m/5h,
> 10m/5hr etc..
Yes, via extension mechanisms: non-Postfix policy server or the
non-Postfix SMTP-based content filter.
> 4. Can we collect statistics to see who receives and sends a lot
> of mail?? (mailing list traffic, etc) --------
Yes, via logfile analysis and via the extension mechanisms.
> I checked the Definitive guide but it talks of a system wide
> white-list of domains(smtpd_sender_restrictions), but I was
> wondering if you could do that on an individual basis.. setting
> up some kind of regex (*.yahoo.com or grand...@hotmail.com) which
> can be removed when required if she turns abusive. Basically we
> could then provide a web-based white-list adding program on the
> users home page. Is there some way to store the hash postfix uses
> in each individual users home_dir vs storing it centrally??
By design, the Postfix SMTP server is not supposed to poke around
in the user's home directory.
However, an extension such as policy server or SMTP-based content
filter can do whatever you want it to do.
Of course you can also hack it into qpsmtpd, but then you get to
maintain undocumented code (and be cursed by your successors).
Wietse
