Hi Markus,

I am pleased to say my 'moonshine' perl based policy is now up and running.


Benning, Markus wrote:
> The reject_sender_login_mismatch in smtpd_sender_restriction already does that
> as a native postfix check:
I didn't know that. There is a lot I don't know or understand, which is why I decided to try to come up with something myself. Regarding blocking sender login mismatch, I will keep that in the policy. I added an extra field to the policy MySQL DB table enabling mailboxes to be group linked by an administrator. This means that an SMTP login within a specific group can send messages on behalf of anyone else who has the same group code. A very simple addition where both the sender and sasl-username are cross checked with the group name (if any).
$action = "action=DUNNO\n\n";
if ($sasl_username ne $sender) {
    # A mismatch is allowed only when both mailboxes carry the same non-empty group link.
    if (length($sasllink) > 0 && length($senderlink) > 0 && $sasllink eq $senderlink) {
        # linked mailboxes: leave the action at DUNNO
    }
    else {
        $action = "action=REJECT Not authorised\n\n";
    }
}
I guess I can skip one of the two lengths being greater than 0 as if one is and one isn't, they wouldn't be equal anyway. Only just noticed that. Ho humm.

> http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions
>
> The Accounting/Quota module in mtpolicyd can be used to count/limit mails
> per sasl user in a SQL database supported by perl-DBI (SQLite, MySQL, etc.):
>
> https://www.mtpolicyd.org/getting-started.html#Mail::MtPolicyd::Cookbook::HowtoAccountingQuota
I had a look at your site. Cookbook looks highly customisable. Had you sold that to me two weeks ago, I'd have bitten your right arm off to try it out. Right now, I have everything I need ... I think?, and really want to go down my own avenue. I have bookmarked your website for future investigation though, thanks for the link. I did try to download policyd from the Debian resource, but all I got was an upgrade text file so gave up.


My idea of a quota policy differs in that it is not intended to restrict traffic from genuine users; I want it solely to mitigate against compromised accounts. On an average user account, say if 20 messages are sent within a minute, relay access will be blocked. The 'recipient_count' adds to the total, so that could catch people out if sending to multiple to/cc/bcc; that is why all end users can change the values via a PHP web portal. The option to block or unblock is there too.

In the pipeline: I will add to the php script to ensure the mail password can't be the same as the portal password, and the maximum quota reduces or increases depending on mail and portal password strength. There are currently 3 sets of message (counter) per (seconds) variables, each resetting their count after the timeout.

Why would I want to manually block my own account? Well, I for one have various email accounts. Mailing lists, mates & friends, trusted business, untrusted business. With the group link, all I need is one account that is SMTP active to be able to send mail from any of these. If other accounts are blocked by default, it cuts down the risk of a compromised pop3 becoming open SMTP. Yeah, I know it won't catch on ;-)



Thanks again,

Mick.
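The group-link check and the per-login message counter described in this mail, as an added Python example; it is not Mick's Perl policy or any mtpolicyd code. The mailbox table, the request text, the 20-per-60-seconds limit and the way recipient_count is added to the total are all constructed assumptions.

```python
import time

# Constructed mailbox table: SMTP login -> administrator-set group link ("" = none).
GROUP_LINK = {"alice@example.org": "sales", "bob@example.org": "sales",
              "carol@example.org": ""}
LIMIT, WINDOW = 20, 60    # assumed: 20 counted messages per 60-second window
_counters = {}            # login -> (count, window_start); reset after WINDOW seconds

def parse_request(raw):
    """Parse one Postfix policy request: name=value lines ended by a blank line."""
    attrs = {}
    for line in raw.split("\n"):
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def sender_allowed(sasl_username, sender):
    """A login may send as another address only if both share a non-empty group link."""
    if sasl_username == sender:
        return True
    own, other = GROUP_LINK.get(sasl_username, ""), GROUP_LINK.get(sender, "")
    return own != "" and own == other

def over_quota(login, recipient_count, now=None):
    """Add this message to the login's window and report whether LIMIT is exceeded."""
    now = time.time() if now is None else now
    count, start = _counters.get(login, (0, now))
    if now - start >= WINDOW:          # timeout reached: start a fresh window
        count, start = 0, now
    count += max(1, recipient_count)   # assumed: every recipient adds to the total
    _counters[login] = (count, start)
    return count > LIMIT

def policy_action(raw, now=None):
    """Return the policy reply Postfix expects for one request."""
    req = parse_request(raw)
    login, sender = req.get("sasl_username", ""), req.get("sender", "")
    if not sender_allowed(login, sender):
        return "action=REJECT Not authorised\n\n"
    if over_quota(login, int(req.get("recipient_count") or 0), now):
        return "action=REJECT Too many messages, relay access blocked\n\n"
    return "action=DUNNO\n\n"

# Constructed requests: a linked login sending as a groupmate, and an unlinked one.
REQ_LINKED = ("request=smtpd_access_policy\nsasl_username=alice@example.org\n"
              "sender=bob@example.org\nrecipient_count=1\n\n")
REQ_UNLINKED = REQ_LINKED.replace("alice", "carol")
```

A real daemon would read requests from the socket Postfix connects to (check_policy_service) and keep the counters in the SQL table rather than in memory.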