Re: per-user spam blocking with Postfix
On Tue, Nov 21, 2000 at 11:43:03 +0100, Russell Coker wrote:
> I would like to allow the users to select which spam filters to use (ORBS,
> MAPS, both, something else) through a file on disk (which will be created by
> a web page). The file could be a .procmail file or something else.
Have a look at
http://www.interlog.com/~waltdnes/spamdunk/sdfiles/NOTLIST.TXT
and http://www.interlog.com/~waltdnes/spamdunk/techie.htm
I haven't quite gotten it to work the way it is advertised, so I use a
simplification (which doesn't process all Received: entries)
:0
* ^Received: from.*\/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
{
IPEXTERNAL=${MATCH}
:0
* IPEXTERNAL ?? ()\/[0-9]+
{ QUAD1=$MATCH }
:0
* IPEXTERNAL ?? [0-9]+\.\/[0-9]+
{ QUAD2=$MATCH }
:0
* IPEXTERNAL ?? [0-9]+\.[0-9]+\.\/[0-9]+
{ QUAD3=$MATCH }
:0
* IPEXTERNAL ?? [0-9]+\.[0-9]+\.[0-9]+\.\/[0-9]+
{ REVERSED="${MATCH}.${QUAD3}.${QUAD2}.${QUAD1}" }
NSLOOKUP=`nslookup ${REVERSED}.dul.maps.vix.com 2>/dev/null`
:0fh
* NSLOOKUP ?? 127\.0\.0\.3
| formail -A "X-Reject: IP $IPEXTERNAL is in DUL."
NSLOOKUP=`nslookup ${REVERSED}.rbl.maps.vix.com 2>/dev/null`
:0fh
* NSLOOKUP ?? 127\.0\.0\.2
| formail -A "X-Reject: IP $IPEXTERNAL is in RBL."
NSLOOKUP=`nslookup ${REVERSED}.inputs.orbs.org 2>/dev/null`
:0fh
* NSLOOKUP ?? 127\.0\.0\.2
| formail -A "X-Reject: IP $IPEXTERNAL is in ORBS inputs."
NSLOOKUP=`nslookup ${REVERSED}.relays.mail-abuse.org 2>/dev/null`
:0fh
* NSLOOKUP ?? 127\.0\.0\.2
| formail -A "X-Reject: IP $IPEXTERNAL is in RSS."
}
HTH,
Ray
--
Obsig: developing a new sig
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: per-user spam blocking with Postfix
On 2000-11-21 17:59, brian moore wrote:
>> I would like to allow the users to select which spam filters to use (ORBS,
>> MAPS, both, something else) through a file on disk (which will be created
>> by a web page). The file could be a .procmail file or something else.
>
>No, it can be done within postfix.
Excellent!
>> It seems that it's impossible to block mail from being received on a
>> per-user basis, so I guess I will have to bounce them (returning an SMTP
>> error 550 is much better as spam generally doesn't have a good bounce
>> address). But if it is possible to return an error 550 based on sender-IP
>> and destination email then I'd like to know how!
>
>Bzzzt... Wrong... It can be done within postfix, which is the best way
>to do it. See http://www.kfki.hu/~kadlec/sw/postfix_patch.html
Thanks a lot! I am checking that now. It seems that this patch isn't
integrated into the postfix-tls package so I'll have to compile my own (and
file a wishlist bug).
>> Also I would like to provide an option of flagging messages or putting
>> them in a seperate IMAP folder (procmail could do this if procmail can
>> handle the ORBS and MAPS lookups).
>
>I use procmail for nailing some special headers ('Authenticated
>sender' nonsense, when it's not from Pegasus, forged Received lines
>with bogon IP numbers, etc), but the various DNS lookups (and things
>like my own blacklist of bad networks and senders) are handled by
>postfix's smtpd, and our users get to pick and choose which filters they
>want to apply from a web page. (Which is really trivial -- it just
>updates a db file.)
OK. How about LDAP? I haven't looked at how the postfix LDAP patches work,
are they generic enough to have this magically work with LDAP?
--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: per-user spam blocking with Postfix
On Tue, Nov 21, 2000 at 11:43:03AM +0100, Russell Coker wrote:
> I would like to implement per-user spam blocking for a moderate sized mail
> server (25,000 email accounts). I need to allow users to choose their own
> spam policies on a per-account basis.
The only way to do it, IMHO.
> I would like to allow the users to select which spam filters to use (ORBS,
> MAPS, both, something else) through a file on disk (which will be created by
> a web page). The file could be a .procmail file or something else.
No, it can be done within postfix.
> It seems that it's impossible to block mail from being received on a per-user
> basis, so I guess I will have to bounce them (returning an SMTP error 550 is
> much better as spam generally doesn't have a good bounce address). But if it
> is possible to return an error 550 based on sender-IP and destination email
> then I'd like to know how!
Bzzzt... Wrong... It can be done within postfix, which is the best way
to do it. See http://www.kfki.hu/~kadlec/sw/postfix_patch.html
> Also I would like to provide an option of flagging messages or putting them
> in a seperate IMAP folder (procmail could do this if procmail can handle the
> ORBS and MAPS lookups).
I use procmail for nailing some special headers ('Authenticated
sender' nonsense, when it's not from Pegasus, forged Received lines
with bogon IP numbers, etc), but the various DNS lookups (and things
like my own blacklist of bad networks and senders) are handled by
postfix's smtpd, and our users get to pick and choose which filters they
want to apply from a web page. (Which is really trivial -- it just
updates a db file.)
> Any suggestions?
Yep. See above.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: per-user spam blocking with Postfix
On Tue, Nov 21, 2000 at 11:43:03AM +0100, Russell Coker wrote: > It seems that it's impossible to block mail from being received on a per-user > basis, so I guess I will have to bounce them (returning an SMTP error 550 is > much better as spam generally doesn't have a good bounce address). But if it > is possible to return an error 550 based on sender-IP and destination email > then I'd like to know how! I believe there's patches for some kind of per-user UCE controls, although I don't know exactly what facilities are provided - check the postfix-users archives and/or the contrib section on the web site. > Also I would like to provide an option of flagging messages or putting them > in a seperate IMAP folder (procmail could do this if procmail can handle the > ORBS and MAPS lookups). You can do DNS from procmail by calling an external program, though it is resource intensive. There's an example somewhere in spambouncer (http://spambouncer.org IIRC). -- Mark Brown mailto:[EMAIL PROTECTED] (Trying to avoid grumpiness) http://www.tardis.ed.ac.uk/~broonie/ EUFShttp://www.eusa.ed.ac.uk/societies/filmsoc/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
per-user spam blocking with Postfix
I would like to implement per-user spam blocking for a moderate sized mail server (25,000 email accounts). I need to allow users to choose their own spam policies on a per-account basis. I would like to allow the users to select which spam filters to use (ORBS, MAPS, both, something else) through a file on disk (which will be created by a web page). The file could be a .procmail file or something else. It seems that it's impossible to block mail from being received on a per-user basis, so I guess I will have to bounce them (returning an SMTP error 550 is much better as spam generally doesn't have a good bounce address). But if it is possible to return an error 550 based on sender-IP and destination email then I'd like to know how! Also I would like to provide an option of flagging messages or putting them in a seperate IMAP folder (procmail could do this if procmail can handle the ORBS and MAPS lookups). Any suggestions? -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
