Postfix header check to reject certain senders

Gareth list-mailscanner at linguaphone.com
Tue Jul 17 14:21:41 IST 2007


On Tue, 2007-07-17 at 14:05, Glenn Steen wrote:
> On 17/07/07, Gareth <list-mailscanner at linguaphone.com> wrote:
> > On Tue, 2007-07-17 at 12:55, Glenn Steen wrote:
> > > On 17/07/07, Gareth <list-mailscanner at linguaphone.com> wrote:
> > > > A bit off topic but you are normally a friendly bunch :)
> > > >
> > > > I am trying to get postfix () to reject mail from certain senders rather
> > > > than accept and then delete it in mailscanner.
> > > >
> > > > One such mail has the following in the headers:-
> > > > From: root at adsl.linguaphone.com
> > > > To: root at adsl.linguaphone.com
> > > > Subject: adsl.linguaphone.com security run output
> > > >
> > > > I have my postfix header checks set to use regexp matching and the file
> > > > contains :-
> > > >
> > > > /^From:.*\@adsl\.linguaphone\,com/                      REJECT Sender
> > > > address blacklisted.
> > > > /^Received:/ HOLD
> > > >
> > > > The problem is that the mail I am trying to block is not being rejected.
> > > > > All mail is being put in the hold queue and Mailscanner is working
> > > > correctly so header checks are working.
> > > > Have I done something wrong with the syntax?
> > > >
> > > Look at rejecting the _envelope_ sender instead. That From: is
> > > probably spoofed to high heaven:-).
> > >
> > > Also, this should be done in the access map instead.
> > > > ... Then again, I'm on vacation, so the brain might be slightly turned
> > > off (more than usual, that is:-).
> >
> > ok I added :-
> > smtpd_client_restrictions = check_client_access hash:/etc/postfix/access
> >
> > then added the following line to the access file :-
> > adsl.linguaphone.com                      REJECT Sender address
> > blacklisted.
> >
> > I then used postmap and restarted postfix but the mail is still being
> > accepted. I configured a copy of outlook with that email address for
> > testing purposes.
> >
> > Any ideas?
> >
> Ok, might be your (postfix, implicit) trust rules taking effect before
> the access rule (permit_mynetworks ...). See to it that the client
> machine isn't part of that trust.
> 

I thought it would be easier to ssh into my home machine and then test
it using telnet from there :-

220 mailscanner.linguaphone-intranet.co.uk ESMTP Postfix
HELO gbhome
250 mailscanner.linguaphone-intranet.co.uk
MAIL FROM: test at adsl.linguaphone.com
250 2.1.0 Ok
RCPT TO: test at cdlive.co.uk
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
test
.
250 2.0.0 Ok: queued as 0E128AA0123

still not working for some reason. Thanks for your help so far.
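
An added illustration, not part of the original message and not Postfix code: a simplified Python model of how the header_checks regexp and the access-table entry quoted above are matched, comparing a client lookup (check_client_access) with an envelope-sender lookup (check_sender_access). Assumptions: addresses are written with "@" instead of the archive's " at ", the client hostname and IP are constructed, the helper names are hypothetical, and the lookup order is simplified from Postfix's access(5) documentation.

```python
import re

# header_checks pattern exactly as posted (note "\,com"), and the same
# pattern with an escaped dot, which is assumed to be the intent.
POSTED = r"^From:.*\@adsl\.linguaphone\,com"
INTENDED = r"^From:.*\@adsl\.linguaphone\.com"

# Access table entry as posted in the message.
ACCESS = {"adsl.linguaphone.com": "REJECT Sender address blacklisted."}


def header_check(pattern, header_line):
    """Postfix regexp tables match case-insensitively by default."""
    return re.search(pattern, header_line, re.IGNORECASE) is not None


def domain_keys(name):
    """A host or domain name followed by each of its parent domains."""
    labels = name.lower().split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def client_keys(hostname, ip):
    """Keys check_client_access tries: client name, parents, IP, networks."""
    octets = ip.split(".")
    nets = [".".join(octets[:n]) for n in range(len(octets), 0, -1)]
    return domain_keys(hostname) + nets


def sender_keys(address):
    """Keys check_sender_access tries for the MAIL FROM address."""
    local, _, domain = address.lower().rpartition("@")
    return [f"{local}@{domain}"] + domain_keys(domain) + [f"{local}@"]


def lookup(table, keys):
    """First matching action, or None (Postfix moves to the next restriction)."""
    return next((table[k] for k in keys if k in table), None)


if __name__ == "__main__":
    hdr = "From: root@adsl.linguaphone.com"
    print("posted regexp matches:  ", header_check(POSTED, hdr))
    print("intended regexp matches:", header_check(INTENDED, hdr))
    # Constructed client identity for a test run from an outside machine.
    print("client lookup:", lookup(ACCESS, client_keys("host.isp.example", "192.0.2.10")))
    print("sender lookup:", lookup(ACCESS, sender_keys("test@adsl.linguaphone.com")))
```

In Postfix itself the sender-keyed lookup corresponds to `check_sender_access` listed under `smtpd_sender_restrictions`, and header_checks only sees a From: line if the message data contains one.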


