Solved

Postfix Block Recipient

Posted on 2006-11-14
Last Modified: 2013-12-16
I have been trolling around the net and have yet to find out if there exists the means within postfix itself to block an email if the recipient in the initial handshake doesn't match the recipient within the body.  I am also running SpamAssassin; is there a way within SA to get this functionality?  Thanks.
0
Question by:Dm32z
16 Comments
 
LVL 14

Expert Comment

by:ygoutham
ID: 17944688
there is an option in the main.cf for rejecting mails for unknown users using local_recipient_maps.  tried that out???
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17944691
unknown_local_recipient_reject_code = 450

it says so in the main.cf file.  i have not tried it but worth a shot ...
0
 
LVL 1

Author Comment

by:Dm32z
ID: 17944706
The postfix sits out in the DMZ.  All it does is relay to inside mail servers.  It knows the domains it answers to but not any recipients.
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17944709
also read through the LOCAL_RECIPIENT_README file.  you can do a "locate ..." to find the file in your system.  postfix 2.0 and above allows this feature it seems.
0
 
LVL 1

Author Comment

by:Dm32z
ID: 17944712
I am just lately seeing a lot of SPAM where the sender address in the body is different than the sender in the handshake.  Thanks for any guidance.
0
 
LVL 1

Author Comment

by:Dm32z
ID: 17944725
the private side mail servers are MS.  
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17944820
but most of the spam that lands within happens from users where the mails are targeted to "mail, root, postmaster, support, etc" which are valid users on the alias table.  are you getting weirdo names as well????
0
 
LVL 1

Author Comment

by:Dm32z
ID: 17944879
We are getting hit recently where the recip names on the initial connection to the server are valid emails, but the recip names within the body of the email are something else.

0
 
LVL 14

Assisted Solution

by:ygoutham
ygoutham earned 200 total points
ID: 17944925
amavisd-new???  i have it and works perfectly fine for me.  any anti-spam running???
0
 
LVL 1

Author Comment

by:Dm32z
ID: 17944946
SpamAssassin
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17944957
you can download from

http://www.ijs.si/software/amavisd/

with a little bit of tweaking, you can even choose to reject mails beyond a particular spam score.  but the initial couple of weeks i would suggest not doing so, as the auto-learn gets more effective with better traffic.  quite simple and easy to configure
0
 
LVL 25

Accepted Solution

by:
Cyclops3590 earned 50 total points
ID: 17947318
I'm pretty sure what you want is impossible (during smtp process anyway).  The reason is that during the smtp process when the sending MTA tells the receiving MTA the from and rcpt addresses, the receiving MTA is completely ignorant of the contents of the email as of yet.  Only after it accepts the connection can the process you are asking for take place.

I'm still unconvinced that Postfix or any MTA can do this on its own.  The reason is this requires the program to keep the smtp parameters stored, and compare those parameters against what can be found in the body.  Now I know Postfix can do header checks, body checks, etc.  However I'm not aware of any ability to compare what is found there to what is received during the smtp process.  There are many other reasons why there are not good checks here either.

1) What if the RCPT TO is correct, the email is legit, but the recipient is a BCC.  No record of it in the headers.
2) Email might have been forwarded from another address.  Gmail to business email for example.  It will keep the gmail address there, but the RCPT TO will have a correct address.

I'd look into it if I had more time, but honestly I don't believe this is possible.  Even if it was it'd be very very difficult to prove the program is 100% correct.  I say utilize other anti-spam abilities of Postfix, use Amavis like ygoutham mentioned.  Make sure to specify banned files and have multiple AV programs running on your server.

Also, check out http://www.postfix.org/uce.html, as there are good hints there for anti-spam tricks in postfix.
0
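The BCC and forwarding objections in the answer above, as an added example that is not part of the original thread: a Python sketch of the envelope-versus-header comparison, as a filter that sees both the RCPT TO value and the full message would have to do it. All addresses, sample messages and function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses


def header_recipients(raw_message):
    """Return the lower-cased addresses listed in the To and Cc headers."""
    msg = message_from_string(raw_message)
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return {addr.lower() for _name, addr in getaddresses(fields) if addr}


def envelope_matches_headers(rcpt_to, raw_message):
    """True when the envelope recipient (RCPT TO) also appears in To/Cc."""
    return rcpt_to.strip("<>").lower() in header_recipients(raw_message)


def build(to_header):
    # Constructed sample message; only the To header varies between cases.
    return (
        "From: Sender <sender@example.org>\r\n"
        f"To: {to_header}\r\n"
        "Subject: constructed sample\r\n"
        "\r\n"
        "body\r\n"
    )


# (envelope RCPT TO, message) pairs, all constructed.
SAMPLES = {
    # Ordinary mail: envelope and header agree.
    "direct": ("<alice@example.com>", build("Alice <alice@example.com>")),
    # Legitimate BCC: bob is only in the envelope, never in the headers.
    "bcc": ("<bob@example.com>", build("alice@example.com")),
    # Legitimate forward: header still shows the original mailbox.
    "forwarded": ("<alice@example.com>", build("alice.personal@example.net")),
    # The spam pattern from the question: valid envelope, unrelated header.
    "spam": ("<alice@example.com>", build("someone-else@example.org")),
}


def classify(samples):
    """Map each sample name to whether envelope and headers agree."""
    return {name: envelope_matches_headers(rcpt, raw)
            for name, (rcpt, raw) in samples.items()}


if __name__ == "__main__":
    for name, ok in classify(SAMPLES).items():
        print(f"{name:10s} match={ok}")
```

Only the direct case matches; the BCC, forwarded and spam cases all produce the same mismatch, so the comparison alone cannot tell them apart and is at most one input to a score.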
 
LVL 1

Author Comment

by:Dm32z
ID: 17948053
Thanks.  I will go ahead and move on from this.  Maybe the problem is just SpamAssassin then eh?  I will go ahead and give Amavisd a try.  I do appreciate all the time.
0
 
LVL 1

Author Comment

by:Dm32z
ID: 17948087
ygoutham I meant for it to show I accepted your answer with the assist to Cyclops3590.  I split the points as 200 to ygoutham and 50 to Cyclops3590.  Thanks again you two.
0
 
LVL 25

Expert Comment

by:Cyclops3590
ID: 17948903
SA only compares mail against rules.  It has the ability to modify the subject line to show it's reached a certain score.  However if you want it dropped, it must be amavis that is configured to do that.

Also, be aware that amavis overrides many of SA's configurations.  It basically just passes email to the spamc client to run the spam detection rules and that's it.  Amavis takes care of rule scores for the most part.
0
 
LVL 14

Expert Comment

by:ygoutham
ID: 17953563
me here not for scores or anything. but only a small egoistic satisfaction at having cracked someone else's problem and a general community thingy.  thanx anyhow.
0
