- 08-25-2011 #1 Just Joined! (Join Date: Sep 2008, Posts: 22)
How to REJECT/DISCARD mails from a domain BUT NOT subdomain in POSTFIX
Hi all,
(PREFACE: This forum doesn't allow me yet to post the AT symbol, 'cause it thinks I'm posting an email link. So consider I changed all AT symbols to © to write this post)
I have a CentOS 5.5 w/ Postfix 2.3.3-2.1 in a machine that acts as a Mail Gateway, in the DMZ side of my network.
Let's say for example that my MX domain is "mydomain.com"
In order to avoid SPAM mails that usually come with the domain part of the sender like mydomain from external (e.g. From: foo©mydomain.com To: user.name©domain.com), I put a line in access_sender file like the following:
Code:
mydomain.com DISCARD No mails from external with mydomain name.
Obviously I have a line in my main.cf that reads:
Code:
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    .....
    check_sender_access hash:/etc/postfix/access_sender,
    .....
This worked, but unfortunately it discarded even mails that had From like "someone©certmail.mydomain.com".
Since I wanted them to enter in my network, I changed the access_sender file to read:
Code:
©mydomain.com DISCARD No mails from external with mydomain name.
So, I put the AT "©" before the domain. It seemed to work for a first while, but now (maybe after a postfix upgrade) it doesn't any longer.
It makes all the mails pass to the internal network (until reaching the mail server in transport), just like the line rule were not present at all...
If I try to regexp the rule in regexp/pcre:headers_checks file like the following:
Code:
/From:.*©mydomain.com/ DISCARD No mails from external with mydomain
I get a DEVASTATING result because it blocks all the mails coming from external, but all the mails my users try to send out as well !!
So, in other words, I'd like to write down a rule for my mail gateway with postfix that:
- DISCARDs mails from external with From = *©mydomain.com
- ACCEPTs mails from external with From = *©<anysubdom>.mydomain.com
- ACCEPTs mails sent from "mynetworks" to external
Any suggestions?
Tnx in advance
- 08-26-2011 #2
Howdy, Gabo,
A couple of thoughts/questions.
With the most recent config, does your main.cf read:
Code:
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    .....
    check_sender_access pcre:headers_checks,
    .....
I would think, as long as your senders were in "mynetworks," you should not have a problem.
Regardless, maybe you could format your regexp like, "/From:.*?@mydomain.com/". (Notice the addition of the question mark.)
N
- 08-29-2011 #3 Just Joined! (Join Date: Sep 2008, Posts: 22)
Hi Nplusplus, 1st of all tnx for your answer and sorry for delay of my reply.
I feel you're right: I have the main.cf that reads like this:
Code:
header_checks = regexp:/etc/postfix/header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
body_checks = regexp:/etc/postfix/body_checks
.......
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    ----
    check_client_access hash:/etc/postfix/access_client,
    check_helo_access hash:/etc/postfix/access_helo,
    check_sender_access hash:/etc/postfix/access_sender, pcre:/etc/postfix/access_sender_pcre,
    check_recipient_access hash:/etc/postfix/access_recipient,
    .....
    reject_rbl_client sbl.spamhaus.org,
    check_policy_service inet:127.0.0.1:2501,
    permit
So.. access_sender file is correctly checked only if outcoming mails ARE NOT by my internal network.
On the contrary, header_checks is a standalone check line, so it may block ALL mails, including the ones coming from my users !!! I'm such an idiot I didn't realize it before ..
Anyway now I (partially) solved in this way:
I changed access_sender file to read the following:
Code:
....
pec.mydomain.com OK
mydomain.com DISCARD No mail dall'esterno con stesso dominio
....
In this way, my users can send mails successfully. I don't receive mail from any domain/subdomain matching "mydomain.com", BUT *@pec.mydomain.com that get in flawlessly.
It is almost what I expected...
Thanks again for your support.
G.
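Added example, not part of any post in this thread: a simplified Python model of the key order Postfix uses for a sender address in an indexed (hash:) access table, as documented in access(5), run against the three access_sender variants posted above. It assumes the default parent_domain_matches_subdomains setting (which includes smtpd_access_maps); the sample addresses and the anchored pcre pattern are assumptions introduced here.

```python
import re

def lookup_keys(sender):
    """Keys tried, in order, for one sender in an indexed (hash:) access table."""
    local, _, domain = sender.lower().rpartition("@")
    labels = domain.split(".")
    # Domain first, then each parent domain (default parent-matching style).
    parents = [".".join(labels[i:]) for i in range(len(labels))]
    return [f"{local}@{domain}", *parents, f"{local}@"]

def hash_action(table, sender):
    """First key present in the table wins; None means no match (mail continues)."""
    for key in lookup_keys(sender):
        if key in table:
            return table[key]
    return None

def pcre_action(rules, sender):
    """pcre: tables test each pattern against the whole address, first match wins."""
    for pattern, action in rules:
        if re.search(pattern, sender, re.IGNORECASE):
            return action
    return None

# Tables as posted in the thread.
FIRST_TRY = {"mydomain.com": "DISCARD"}
AT_PREFIX = {"@mydomain.com": "DISCARD"}   # "@domain" is never a lookup key
FINAL = {"pec.mydomain.com": "OK", "mydomain.com": "DISCARD"}
# Assumed alternative, not from the thread: anchored to the exact domain only.
ANCHORED = [(r"@mydomain\.com$", "DISCARD")]

# Constructed sample senders.
SENDERS = ["foo@mydomain.com", "someone@certmail.mydomain.com", "x@pec.mydomain.com"]

def compare():
    """Action per sender for each table, in SENDERS order."""
    return {
        "first_try": [hash_action(FIRST_TRY, s) for s in SENDERS],
        "at_prefix": [hash_action(AT_PREFIX, s) for s in SENDERS],
        "final": [hash_action(FINAL, s) for s in SENDERS],
        "anchored_pcre": [pcre_action(ANCHORED, s) for s in SENDERS],
    }

if __name__ == "__main__":
    for name, actions in compare().items():
        print(f"{name:14}", dict(zip(SENDERS, actions)))
```

Only the anchored pattern discards the bare domain while letting every subdomain through; on a real system the same lookups can be checked with `postmap -q` against the table file.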



