Force a sender's email to quarantine?

Robert Lopez rlopezcnm at gmail.com
Wed Jan 20 19:38:01 GMT 2010


On Wed, Jan 20, 2010 at 11:31 AM, Kelly, James <jakelly at chapman.edu> wrote:
> We have a very similar script watching our outbound mail logs. To
> "quarantine" the suspect outbound mail we use the script itself (perl,
> in our case) to add the suspect messages' from address with a redirect
> action into the postfix sender_restrictions table on the gateway(s) and
> then regenerate the .db.
>
> from at large.chinese.isp     REDIRECT quarantine-acct at ourdomain.tld
>
> If the spammer changes the from, the script notices and adds the new
> from(s) also.
>
> We use scripts to resend the messages in the quarantine account with the
> original from/to if they turn out to be false positives.


James,

That seems a simple idea. Thanks for pointing out is is possible to
this with postfix.

-- 
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106


More information about the MailScanner mailing list