Re: Need to clarfiy how to implement spamtrap address checking & discard with before-queue filtering.

Thu, 23 Feb 2012 14:36:56 -0800 

On 2/23/2012 4:25 PM, rg86...@airpost.net wrote:
> Hello,
> 
> On Thu, Feb 23, 2012, at 03:46 PM, Noel Jones wrote:
>> On 2/23/2012 3:39 PM, /dev/rob0 wrote:
>> The check_recipient_access with DISCARD is probably easiest, but the
>> spamtrap address must be accepted by the pre-filter postfix.
> 
> Looking for the most straightforward place to do this, in my main.cf I
> have currently
> 
>  ...
>  virtual_transport = lmtp:unix:private/dovecot-lmtp
>  virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/vdomains.cf
>  virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/vmailboxes.cf
>  ...
> 
> Where "valid addresses ( == <valid user>@<valid domain>)" are assembled
> from "valid users" queried for in 'vmailboxes.cf' and "valid domains"
> queried for in 'vdomains.cf'.
> 
> It is this combination/check that's being done for (non)existing users. 
> Those that don't exist, get rejected on the spot.
> 
> Since spamtrap addresses sourced by compromise of previously-good
> addresses are all, by definition, at domains I own/manage, I was
> thinking that a hash: table of <valid user> parts only, e.g.
> 
>     cat /etc/postfix/spamtrap_userparts
>         test1
>         test2
>         test3
>     postmap /etc/postfix/spamtrap_userparts


Wrong format; table entries must have a result.  In this specific
case, postfix doesn't actually use the result, but *something* must
be there.

And I'm pretty sure you need full addresses, not just usernames.

# these are all considered valid users
te...@example.tld  valid_user
te...@example.tld  Anything
te...@example.tld  melt_CPU

> 
> then changing
> 
> -    virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/vmailboxes.cf
> +    virtual_mailbox_maps = hash:/etc/postfix/spamtrap_userparts
> +                   proxy:mysql:/etc/postfix/sql/vmailboxes.cf


Yes, that should work fine without any ill effects.


> 
> might do the trick for getting through the pre-filter postfix; my
> intention would be here that those spamtrap addresses are identified as
> valid_users.
> then the downstream check at 127.0.0.1:10026 reinjection listener,
> checking against
> 
>     cat /etc/postfix/spamtrap
>         te...@mydomain1.com DISCARD
>         te...@mydomain2.com DISCARD
>         te...@mydomain3.com DISCARD
>     postmap /etc/postfix/spamtrap
> 
> should now actually receive, and hopefully trigger upon, the
> spamtrap-containing message?


Yes.



  -- Noel Jones

Reply via email to