Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Qmail>
  3. users
limit outgoing "from" to domains in rcpthosts
ahlist at gmail
Apr 25, 2012, 6:13 PM
Post #1 of 2 (1797 views)
Permalink
Hi,

Is there a way/patch to limit outgoing mail's "from" to domains in
rcpthosts. Goal is to further lockdown outgoing spam so that obvious
junk such as "@some-bank.com", "@paypal.com", etc. is junked (or
better saved so an admin can track which valid user it came from).

Also, what is the prefer patch and/or wrapper to monitor the number of
mails each user is sending?

Thanks.
Re: limit outgoing "from" to domains in rcpthosts [ In reply to ]
kyle-qmail at memoryhole
Apr 29, 2012, 9:24 AM
Post #2 of 2 (1691 views)
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Wednesday, April 25 at 09:13 PM, quoth ahlist:
> Is there a way/patch to limit outgoing mail's "from" to domains in
> rcpthosts.

The first way that springs to mind is a simple wrapper around
qmail-remote. All you have to do is compare the second argument to
rcpthosts, like this:

#!/bin/bash
if grep -q "$2" /var/qmail/control/rcpthosts ; then
exec /var/qmail/bin/qmail-remote.orig "$@"
else
# If you want to save it, cat it somewhere here, e.g.:
# safecat /var/log/spam_msgs/tmp /var/log/spam_msgs/cur
fi

That assumes that you moved the original qmail-remote binary to
/var/qmail/bin/qmail-remote.orig

If you already use a wrapper around qmail-remote (like my DKIM
wrapper), that logic should be easy to add.

> Also, what is the prefer patch and/or wrapper to monitor the number
> of mails each user is sending?

This would be log analysis; there are a couple good packages, starting
with DJB's own qmailanalyse, and going on to Dr. Hoffman's newanalyse
package.

Hope that helps!

~Kyle
- --
There are four boxes to be used in defense of liberty: soap, ballot,
jury, and ammo. Please use in that order.
-- Ed Howdershelt
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!

iQIcBAEBCAAGBQJPnWtBAAoJECuveozR/AWeRNIP/0SewuLJQNhEhxfJORcfJe9O
CldQUHhCnsq6NzTEgkO+eTzJQ7q8VG2bArdW6FU2z9yr8naKKLpuYgGW0jFTlmP5
kuHstaRqzU48yDqgqccsut89pbadvphkAFSVGDaqK2b/t/RMIclobOf+lSiUpBTq
zeHX8RIeLnYoCBv8S0WRT8NqyT3srjQ/fvs0LEgeriKlH5Yfm7uTQnTwMznyJMGU
qNm9IPsBxqH/dY/YTD/SRgBZ36UA8bcGdyw05IN64tQ8DUtzGwajpEU9ujPCSNig
PjsVfLf5hK59V8jOd+DElPhe0Yo8h6RB5tbgEcrP06sE0lJYB4zKOTdiE7OxPWMg
AW6mCV+zjvPwldqxL5gdaRy9nJeogzKnW3LlWNg3rVAHWJ8klcaILywX7YUvg5Ji
nsUsQKX6lfw0xQkVy7fPfw7iT5AQRdHGMNOtXNM1gDzhPDxn2Rx9UlYdz4RseRbZ
rXKqP3UT4y4rYOXRHoGV01De8U8xiBhBZKBSq2R2NNBfem1/6eOuWSFpF4lylKDB
gyphw67udHb/qvP3e3gqlltuRrpH+9IcUOlgsCeIHzhdtMxgROr04svxL+QWrnM2
2rAARqAtE0NhEzoMhspgLPQEiXfLTIpdt6g2LKWeXaawMqpD0Vew5t3nv1rilNFR
x9VhUs+y+9Af9B7H9P0A
=wX2p
-----END PGP SIGNATURE-----

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal