Patrick Lists wrote:
On 05/06/2010 04:07 PM, Noel Jones wrote:
[snip]
You can use an external policy service such as postfwd to compare
envelope sender and recipient.
But it sounds as if you really need to compare the From: header with the
envelope recipient. You'll need a content_filter or milter to do that.
-- Noel Jones
Thanks Noel. I was hoping I could do it within Postfix to keep things
lean & mean. Will check out your suggestions.
Kind regards,
Patrick
I use vpostmaster (which uses postfix as the mta) for this (though you'd
probably want to do a clean install, or at least save your postfix
config before installing). vpostmaster (which uses virtual mailboxes,
i.e. not users in /etc/password) allows you to define an extension
character, usually '-'. So if fred is a vpostmaster mailbox, you can
also send email to fred-string1 and fred-string2 and then use the
vpostmaster GUI to define white/blacklist rules to reject or accept
fred-string1 etc.
So if I give my online banking service the name fred-bank1 and then I
start receiving viagra spam addressed to fred-bank1, I know that bank1
has leaked my email address. (There have been large class action law
suits against presumably secure finanacial institutions who have had
their customers email addreses compromised). Anyway, you just block
fred-bank1 when this happens and vpostmaster will cause postfix to
reject fred-bank1 during the recipient phase of the SMTP session. The
nice thing abouit this approach is you don't have to edit any
configuration to create new email addresses, you only have to do
something when you want to block one.
The white/blacklists supports checking on sender, recipient, helo name,
remote hostname and remote ip address and you can accept, reject, continue.
Nataraj
