Postfix resent messages detection
Hello all,

here is my problem:

I have several hosting servers, sending mails from authenticated users, web scripts, web pages, and so on... I cannot monitor everything, and our greatest problem is outgoing unauthorized mails. We experience 10'000 mails spam campaigns every week or so... No need to say that this is no good for blacklisting.

As I have root access everywhere, I can construct an exhaustive list of allowed sender domains. Then I build up a new mail gateway dedicated to outgoing mails, and configure it as follows:

    smtpd_sender_restrictions =
        check_sender_access hash:/etc/postfix/sender_access
        reject_unverified_sender
        warn_if_reject reject

Now I get a warning in my logs every time a potentially unauthorized mail goes out.

But I can't have any visibility over redirected mails. We've got several users that configure their mailbox to resend their email on another external mailbox, and we do not want to consider this kind of mail as unwanted!

I have seen nothing and everything about this kind of mail, and I wonder if postfix is by any way able to detect this kind of mail...?

The real problem, as I understand it, is that I want to configure this Postfix as an independent server, that would be the relayhost of all our hosting servers...

If anyone could lead me to enlightenment here...

Thanks in advance!

Simon
Re: Postfix resent messages detection
On 17.02.2012 17:00, Simon Hintermann wrote:
> Hello all,
>
> here is my problem:
>
> I have several hosting servers, sending mails from authenticated users, web scripts, web pages, and so on... I cannot monitor everything, and our greatest problem is outgoing unauthorized mails. We experience 10'000 mails spam campaigns every week or so... No need to say that this is no good for blacklisting.
>
> As I have root access everywhere, I can construct an exhaustive list of allowed sender domains. Then I build up a new mail gateway dedicated to outgoing mails, and configure it as follows:
>
>     smtpd_sender_restrictions =
>         check_sender_access hash:/etc/postfix/sender_access
>         reject_unverified_sender
>         warn_if_reject reject
>
> Now I get a warning in my logs every time a potentially unauthorized mail goes out.
>
> But I can't have any visibility over redirected mails. We've got several users that configure their mailbox to resend their email on another external mailbox, and we do not want to consider this kind of mail as unwanted!
>
> I have seen nothing and everything about this kind of mail, and I wonder if postfix is by any way able to detect this kind of mail...?
>
> The real problem, as I understand it, is that I want to configure this Postfix as an independent server, that would be the relayhost of all our hosting servers...

this kind of mail does NOT use smtp at all and so it is not
affected by smtpd_* restrictions

if your MDA like dovecot or dbmail is forwarding a message it is
using the sendmail-binary and the messages are caught by pickup,
so the problem you imagine does not exist in almost any setup
Re: Postfix resent messages detection
On 17. 02. 12 17:06, Reindl Harald wrote:
> On 17.02.2012 17:00, Simon Hintermann wrote:
> > Hello all,
> >
> > here is my problem:
> >
> > I have several hosting servers, sending mails from authenticated users, web scripts, web pages, and so on... I cannot monitor everything, and our greatest problem is outgoing unauthorized mails. We experience 10'000 mails spam campaigns every week or so... No need to say that this is no good for blacklisting.
> >
> > As I have root access everywhere, I can construct an exhaustive list of allowed sender domains. Then I build up a new mail gateway dedicated to outgoing mails, and configure it as follows:
> >
> >     smtpd_sender_restrictions =
> >         check_sender_access hash:/etc/postfix/sender_access
> >         reject_unverified_sender
> >         warn_if_reject reject
> >
> > Now I get a warning in my logs every time a potentially unauthorized mail goes out.
> >
> > But I can't have any visibility over redirected mails. We've got several users that configure their mailbox to resend their email on another external mailbox, and we do not want to consider this kind of mail as unwanted!
> >
> > I have seen nothing and everything about this kind of mail, and I wonder if postfix is by any way able to detect this kind of mail...?
> >
> > The real problem, as I understand it, is that I want to configure this Postfix as an independent server, that would be the relayhost of all our hosting servers...
>
> this kind of mail does NOT use smtp at all and so it is not
> affected by smtpd_* restrictions
>
> if your MDA like dovecot or dbmail is forwarding a message it is
> using the sendmail-binary and the messages are caught by pickup,
> so the problem you imagine does not exist in almost any setup

Okay... perhaps I explained it poorly, or did I actually not understand a word of your explanation...

The case I cannot detect is:

SENDER (a...@toto.com) sends an email to b...@domain.com
   ||
   v
WEBSERVER (b...@domain.com forwards all mails to b...@yahoo.com)
   ||
   v
MAIL GATEWAY (local domains: domain.com) sees a mail with a
From: a...@toto.com header and says that this is an unwanted mail
   ||
   v
warning and pass to yahoo.com or simply drop...

-- 
Best regards

Simon Hintermann
www.ganesh-consulting.ch
information: i...@ganesh-consulting.ch
Tel. 021/921 76 74
Fax. 021/964.17.91
Skype: ganesh.consulting
Re: Postfix resent messages detection
On 17.02.2012 18:31, Simon Hintermann wrote:
> Okay... perhaps I explained it poorly, or did I actually not understand a word of your explanation...
>
> The case I cannot detect is:
>
> SENDER (a...@toto.com) sends an email to b...@domain.com
>    ||
>    v
> WEBSERVER (b...@domain.com forwards all mails to b...@yahoo.com)
>    ||
>    v
> MAIL GATEWAY (local domains: domain.com) sees a mail with a
> From: a...@toto.com header and says that this is an unwanted mail
>    ||
>    v
> warning and pass to yahoo.com or simply drop...

why does WEBSERVER forward anything?

forwarders have to be configured on the MTA/MDA and then
your problems do not exist at all
Re: Postfix resent messages detection
On Fri, Feb 17, 2012 at 06:35:11PM +0100, Reindl Harald wrote:
> On 17.02.2012 18:31, Simon Hintermann wrote:
> > SENDER (a...@toto.com) sends an email to b...@domain.com
> >    ||
> >    v
> > WEBSERVER (b...@domain.com forwards all mails to b...@yahoo.com)
> >    ||
> >    v
> > MAIL GATEWAY (local domains: domain.com) sees a mail with a
> > From: a...@toto.com header and says that this is an unwanted mail
> >    ||
> >    v
> > warning and pass to yahoo.com or simply drop...
>
> why does WEBSERVER forward anything?
>
> forwarders have to be configured on the MTA/MDA and then
> your problems do not exist at all

I am in a similar situation, and would like to bar people from using the sendmail binary.

Having said that, I guess that Simon thinks of the case that the user is using some webmail package, which could very well inject an email with a sender @toto.com into the mail system. E.g. my mutt is configured to set the envelope sender from the 'From:' line, too, and a web application is equivalent to shell access, in his case.

Kind regards,
--Toni++
Re: Postfix resent messages detection
On 17. 02. 12 18:35, Reindl Harald wrote:
> On 17.02.2012 18:31, Simon Hintermann wrote:
> > Okay... perhaps I explained it poorly, or did I actually not understand a word of your explanation...
> >
> > The case I cannot detect is:
> >
> > SENDER (a...@toto.com) sends an email to b...@domain.com
> >    ||
> >    v
> > WEBSERVER (b...@domain.com forwards all mails to b...@yahoo.com)
> >    ||
> >    v
> > MAIL GATEWAY (local domains: domain.com) sees a mail with a
> > From: a...@toto.com header and says that this is an unwanted mail
> >    ||
> >    v
> > warning and pass to yahoo.com or simply drop...
>
> why does WEBSERVER forward anything?
>
> forwarders have to be configured on the MTA/MDA and then
> your problems do not exist at all

Okay, the webserver is a Plesk server where users can set an email redirection to their external address. I don't know why, but many users do that.

As I cannot handle these sender rules on every single Plesk I have (qmail or postfix...), I have to set up a mail gateway for outgoing mails. I also have Bluequartz working with sendmail, and Kerio servers, working with custom MTAs.

So, as I understood, correct me if I'm wrong, my email gateway does only see an email going from a...@toto.com to b...@yahoo.com, none of which are in my local domains.
Re: Postfix resent messages detection
On 17.02.2012 18:41, Toni Mueller wrote:
> On Fri, Feb 17, 2012 at 06:35:11PM +0100, Reindl Harald wrote:
> > On 17.02.2012 18:31, Simon Hintermann wrote:
> > > SENDER (a...@toto.com) sends an email to b...@domain.com
> > >    ||
> > >    v
> > > WEBSERVER (b...@domain.com forwards all mails to b...@yahoo.com)
> > >    ||
> > >    v
> > > MAIL GATEWAY (local domains: domain.com) sees a mail with a
> > > From: a...@toto.com header and says that this is an unwanted mail
> > >    ||
> > >    v
> > > warning and pass to yahoo.com or simply drop...
> >
> > why does WEBSERVER forward anything?
> >
> > forwarders have to be configured on the MTA/MDA and then
> > your problems do not exist at all
>
> I am in a similar situation, and would like to bar people from using the sendmail binary.

people do not
software does - as example dbmail
if in the dbmail_aliases an external forwarder is defined

and since this is NOT using smtp the restrictions are not
active here as expected

> Having said that, I guess that Simon thinks of the case that the user is using some webmail package, which could very well inject an email with a sender @toto.com into the mail system.

and that is why smtpd_*_restrictions are enforced: webmail usually uses smtp

> E.g. my mutt is configured to set the envelope sender from the 'From:' line, too, and a web application is equivalent to shell access, in his case.

a webapplication is NOT equivalent to shell access
mostly it will NOT run on the same machine as the mailserver

even if it does - normally you should DISABLE any shell-commands for php
and so the app is forced to use phpmailer as example which can use smtp
and so your restrictions are enforced in all these cases

forwarding is never done by a webserver nor is it a topic for
smtp restrictions because these are different worlds
Re: Postfix resent messages detection
On 17.02.2012 18:48, Simon Hintermann wrote:
> Okay, the webserver is a Plesk server where users can set an email redirection to their external address. I don't know why, but many users do that.

i am out here because i never use such software
using server configurations natively all of the time
and if need/useful develop my own webinterfaces

> As I cannot handle these sender rules on every single Plesk I have (qmail or postfix...), I have to set up a mail gateway for outgoing mails. I also have Bluequartz working with sendmail, and Kerio servers, working with custom MTAs.

that's the problem with PLESK and ready software

in my setups i can enforce postfix configurations
on one central mysql-database and every single relay on
any webserver is using these tables as need readonly for
enforcing rules

> So, as I understood, correct me if I'm wrong, my email gateway does only see an email going from a...@toto.com to b...@yahoo.com, none of which are in my local domains.

in your case it may be difficult

in my setup it is easy
* user has a sender-address to type we are owning, ever
* any host is checking for allowed senders
* forwarding is only done on the gateway

so the gateway does never see any foreign sender for outgoing messages
Re: Postfix resent messages detection
Simon Hintermann:
[restricting the sender address from webmail apps with an SMTP sender access table]
> Now I get a warning in my logs every time a potentially unauthorized mail goes out.
>
> But I can't have any visibility over redirected mails. We've got several users that configure their mailbox to resend their email on another external mailbox, and we do not want to consider this kind of mail as unwanted!
[in a follow-up post, a chart with user-webmail app-SMTP gateway]

How would the SMTP gateway know the difference between:

a) The webmail app tries to send an original submission to the SMTP gateway (with limitations on the SMTP sender address)

b) The webmail app tries to forward email to the SMTP gateway (without limitations on the SMTP sender address)

and make this distinction while processing the SMTP MAIL FROM command, before the SMTP gateway has received the email message?

	Wietse
Re: Postfix resent messages detection
On 17. 02. 12 19:02, Reindl Harald wrote:
> On 17.02.2012 18:48, Simon Hintermann wrote:
> > Okay, the webserver is a Plesk server where users can set an email redirection to their external address. I don't know why, but many users do that.
>
> i am out here because i never use such software
> using server configurations natively all of the time
> and if need/useful develop my own webinterfaces
>
> > As I cannot handle these sender rules on every single Plesk I have (qmail or postfix...), I have to set up a mail gateway for outgoing mails. I also have Bluequartz working with sendmail, and Kerio servers, working with custom MTAs.
>
> that's the problem with PLESK and ready software
>
> in my setups i can enforce postfix configurations
> on one central mysql-database and every single relay on
> any webserver is using these tables as need readonly for
> enforcing rules
>
> > So, as I understood, correct me if I'm wrong, my email gateway does only see an email going from a...@toto.com to b...@yahoo.com, none of which are in my local domains.
>
> in your case it may be difficult
>
> in my setup it is easy
> * user has a sender-address to type we are owning, ever
> * any host is checking for allowed senders
> * forwarding is only done on the gateway
>
> so the gateway does never see any foreign sender for outgoing messages

Okay I ask myself something now...

In my case I cannot discard all unwanted mails, but perhaps can I detect when there are more than 10 messages / minute (for example) from a single not-local domain? That would dramatically decrease the number of outgoing spams from my infrastructure.

I don't know if I can do that with postfix...
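
[Added example, not part of the thread and not written by any of its participants.] One way to detect the "more than 10 messages / minute from a single non-local domain" condition raised in the last message is to count the gateway's qmgr `from=<...>` log lines per sender domain in a sliding window. The allowed-domain set, the host name `gw`, the year and all sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOCAL_DOMAINS = {"domain.com"}   # assumption: the gateway's allowed sender domains

# qmgr logs "QUEUEID: from=<sender>, size=..., nrcpt=... (queue active)" for a message.
QMGR_RE = re.compile(r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/qmgr\[\d+\]: "
                     r"(?P<qid>[0-9A-Za-z]+): from=<(?P<sender>[^>]*)>")

def find_bursts(lines, local_domains=LOCAL_DOMAINS, threshold=10,
                window=timedelta(minutes=1), year=2012):
    """Return {foreign sender domain: time it first exceeded `threshold` per `window`}."""
    seen_qids = set()              # qmgr repeats the line when a deferred message is retried
    recent = defaultdict(deque)    # domain -> timestamps still inside the window
    alerts = {}
    for line in lines:
        m = QMGR_RE.match(line)
        if not m or m["qid"] in seen_qids:
            continue
        seen_qids.add(m["qid"])
        local, at, domain = m["sender"].rpartition("@")
        domain = domain.lower()
        if not at or domain in local_domains:
            continue               # null sender (bounce), unqualified or allowed sender
        # Classic syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[domain]
        q.append(ts)
        while ts - q[0] >= window:
            q.popleft()
        if len(q) > threshold:
            alerts.setdefault(domain, ts)
    return alerts

def sample_log():
    """Constructed log: 12 example.net messages in 22 s, one retried forward, one local."""
    fmt = ("Feb 17 18:31:{:02d} gw postfix/qmgr[2101]: {}: "
           "from=<{}>, size=2048, nrcpt=1 (queue active)")
    lines = [fmt.format(2 * i, f"A{i:04X}", f"u{i}@example.net") for i in range(12)]
    lines += [fmt.format(40, "B0001", "sender@example.org"),
              fmt.format(41, "B0001", "sender@example.org"),   # same queue ID: a retry
              fmt.format(50, "C0001", "user@domain.com")]
    return lines

if __name__ == "__main__":
    for domain, when in find_bursts(sample_log()).items():
        print(f"{when} burst from non-local sender domain {domain}")
```

Short Postfix queue IDs can be reused once a message has left the queue, so over long log files either drop a queue ID from `seen_qids` when its `removed` line appears or turn on `enable_long_queue_ids` on the gateway. Forwarded mail is counted like any other foreign sender, so the threshold has to sit above the normal forwarding volume per domain.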