On Sat, 2023-07-15 at 22:04 -0500, Thomas Cameron wrote: > > On 7/14/23 20:30, Grant Taylor via users wrote: > > On 7/14/23 6:06 PM, Thomas Cameron wrote: > > > I'm trying to figure out how to block this stuff. Something like > > > "if > > > it appears to come from me, but it's not actually coming from my > > > email server," block it. > > > > SPF with hard fail in your own domain /and/ filtering that respects > > SPF hard fail will almost certainly stop this like a switch. > > I'd love to do this, but see below. I get TONS of warnings every time > I > send email to lists (even this list) that make me hesitant to do hard > fails. > Another way to do this is to build either a mail archive or a database of addresses you've sent mail to and simply add a positive score to mail from anybody who you've sent mail to: this needs the following bits of code:
I use PostgreSQL as the databaee and Postfix as my local MTA, which I needed anyway to distribute internal mail on my local LAN. Capturing outgoing mail destination addresses: I added a Postfix BCC directive that sends a copy of outgoing mail to a local mailbox. Once a day this mailbox is scanned for destination addresses: any new ones are added to the database. Scanning incoming mail: I wrote an SA extension to look up sender addresses of incoming mail in the 'outbound mail address database' and an SA rule to trigger it: this adds a negative score to mail containing any FROM address(es) that I've previously sent mail to. The SA extension is a Perl module that looks up the sender address on all incoming mail. Since the OP is a programmer, this should be easily within his capabilities: - he needs to know some Perl to write the SA extension module (the O'Reilly Camel book is a well-organised guide to Perl and/or he's welcome to a copy of my Perl module) . - Almost any database will do for this job (even a flat text file if he uses awk to update it and awk or grep to search it) though a proper database such as Postgresql or MariaDB would be faster of the sent address list is large, but he needs to know some fairly basic SQL to add addresses to it and to do the lookups. Martin
