On Fri, Jan 25, 2019 at 11:15:47PM +1000, Stuart Longland wrote:
> Hi all,
>
> I've got a few silly questions regarding OpenSMTPD... I'd ask on the
> opensmtpd misc mailing list, but my subscribe requests keep bouncing
> after a few days. Since I'm running OpenSMTPD on OpenBSD, I figure
> they're on-topic here too.
>

I can probably help with this ;-)

> [...]
>
> First and foremost is the issue of backscatter-prevention. I would like
> OpenSMTPD to validate the addresses passed to it before accepting them
> for relay to my primary MX. In Postfix I can put
>
> relay_recipient_maps = hash:/etc/postfix/valid_recipients
>
> into /etc/postfix/main.cf and fill that valid_recipients file with
>
> f...@example.com x
> b...@example.com x
>
> I can come up with a full list -- no problem, but the question is how do
> I encode this list into the configuration of OpenSMTPD so that if the
> list contained f...@example.com and b...@example.com, but someone tries
> sending to foo...@example.com, that RCPT TO request is rejected before
> the email delivery begins.
>

How you do it depends on which version you are running.

before 6.4:

    accept [...] recipient <table> [...]

after 6.4:

    match [..] rcpt-to <table> [...]

where table is a table containing a list of recipient addresses for that
rule to match.

> Second is about how to define custom mail transports. Rather than using
> SMTP/SSL like I am now, I'd like the emails destined for relay to my
> server, to be encrypted using a RSA key, (well, AES, then RSA encrypt
> the AES key) then either:
> - scp'd to a special spool directory on my Linux server... OR if it
>   happens to be down,
> - placed in a special directory on the VPS for my server to later siphon
>   down using `rsync --remove-source-files` over SSH. (Basically, a bit
>   like UUCP.)
>

no custom mail transports in smtpd.

a way to achieve what you want is to write a custom mda, and this is
actually how i did it to achieve a use-case similar to yours in the past.

--
Gilles Chehade @poolpOrg
https://www.poolp.org
tip me: https://paypal.me/poolpOrg
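
Added example, not part of the message above and not OpenSMTPD project code: a converter from the Postfix `relay_recipient_maps` source format quoted in the question to a one-address-per-line list, the form a file-backed OpenSMTPD table takes. The sample addresses, the address pattern and the decision to drop `@domain` keys are assumptions of this example.

```python
import re

# Conservative user@domain shape check (an assumption of this example, not RFC 5321).
ADDR_RE = re.compile(r"^[a-z0-9!#$%&'*+/=?^_`{|}~.-]+@[a-z0-9-]+(\.[a-z0-9-]+)+$")


def convert(postfix_text):
    """Return (addresses, skipped) parsed from Postfix 'key value' map source."""
    addresses, skipped, seen = [], [], set()
    for lineno, raw in enumerate(postfix_text.splitlines(), 1):
        # Postfix ignores blank lines and '#' comments; a line that starts
        # with whitespace continues the previous entry and carries no new key.
        if not raw.strip() or raw.startswith("#") or raw[0].isspace():
            continue
        # Lowercased so duplicates differing only in case collapse
        # (assumes the mailboxes are case-insensitive).
        key = raw.split()[0].lower()
        if key.startswith("@"):
            # A bare @domain key accepts every recipient in that domain,
            # which defeats recipient validation against backscatter.
            skipped.append((lineno, key, "domain wildcard"))
        elif not ADDR_RE.match(key):
            skipped.append((lineno, key, "not a full address"))
        elif key not in seen:
            seen.add(key)
            addresses.append(key)
    return addresses, skipped


def render_table(addresses):
    """Render the list table body: one value per line."""
    return "".join(a + "\n" for a in addresses)


# Constructed sample input; the addresses are made up for this example.
SAMPLE = """\
# valid recipients
alice@example.com x
Bob@Example.com   x
alice@example.com x
@example.com x
postmaster OK
"""

if __name__ == "__main__":
    addrs, skipped = convert(SAMPLE)
    print(render_table(addrs), end="")
    for lineno, key, why in skipped:
        print(f"skipped line {lineno}: {key} ({why})")
```

The skipped entries are worth reviewing by hand before the list goes live, since anything missing from the table is refused at RCPT TO.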