On Mon, Mar 12, 2012 at 9:48 PM, Nataraj incoming-centos@rjl.com wrote:
On 03/12/2012 02:25 PM, m.roth@5-cent.us wrote:
Bob Hoffman wrote:
I have had the same email address since 1997 (when microsoft stole bob.com from me thanks to network solutions...)
I remember reading about you, vaguely.
<snip>
> Now I have set up a centos 6 box using postfix. Today I decided to try
> to add smtpd restrictions. After a lot of reading and testing I 'seem'
> to be doing incredible.
> I wanted to share my current working postfix smtpd restrictions area so
> that others who are interested can start with it.
<snip>
Here's a question: is there any way to inspect an email's headers, and reject it if the alleged FQDN in the "From:" doesn't match the oldest "Received:"?
mark
That would be a good test. Postfix does have the ability to match regular expressions on headers, but the tests are limited to testing a single line at a time. You can however write one of several types of postfix content inspection modules using your favorite programming or scripting language. If you use one of the before queue inspection methods and you have a busy mail server, you have to watch out that you don't introduce delays that could cause clients to time out.
You might also look around to see if there's something out there that would already do that.
Check out http://www.postfix.org/CONTENT_INSPECTION_README.html

I don't think it's that hard to throw together a perl or python script to do this. I have more experience with the policy daemon though.
With sendmail, using MimeDefang as a milter was one of the best approaches, because then you could control all of the other usual (spamassassin, clamav, etc.) or custom steps with a small snippet of perl. I think the postfix milter interface is at least theoretically compatible these days but I haven't tried them together. The way MimeDefang multiplexes the fast/slow operations and extracts the attachments only once for any number of scans is particularly efficient.
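The check asked about earlier in the thread (From: domain against the oldest Received: header) needs the whole header block, which is why a content-inspection script is suggested. The sketch below is an added example, not code from any poster in the thread; the function names are hypothetical and it assumes the Postfix-style `from HELO (rdns [ip])` layout of Received: lines.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Matches the "from HELO (rdns [ip])" clause that starts a Received: header.
RECEIVED_FROM = re.compile(r"^from\s+(\S+)(?:\s+\(([^\s\[\)]+)?\s*\[[^\]]*\]\))?", re.I)

def domain_matches(host, domain):
    """True if host equals domain or is a subdomain of it."""
    host, domain = host.lower().rstrip("."), domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_from_vs_oldest_received(raw):
    """Return (verdict, from_domain, origin_hosts) for a raw RFC 5322 message."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2] if "@" in addr else ""
    received = msg.get_all("Received") or []
    if not from_domain or not received:
        return ("unknown", from_domain, [])
    # Each hop prepends its header, so the last Received: is the oldest.
    oldest = " ".join(received[-1].split())  # unfold continuation lines
    m = RECEIVED_FROM.match(oldest)
    if not m:  # e.g. local submission: "by host (Postfix, from userid ...)"
        return ("unknown", from_domain, [])
    hosts = [h for h in m.groups() if h and h.lower() != "unknown"]
    ok = any(domain_matches(h, from_domain) for h in hosts)
    return ("match" if ok else "mismatch", from_domain, hosts)

# Constructed sample messages (reserved example domains, RFC 5737 addresses).
SAMPLE_OK = (
    "Received: from mx.example.net (mx.example.net [198.51.100.7])\n"
    "\tby inbox.example.com (Postfix) with ESMTP id 111\n"
    "Received: from mail.example.org (mail.example.org [192.0.2.10])\n"
    "\tby mx.example.net (Postfix) with ESMTP id 222\n"
    "From: Alice <alice@example.org>\n"
    "Subject: test\n\nbody\n"
)
SAMPLE_BAD = SAMPLE_OK.replace("alice@example.org", "alice@example.com")

if __name__ == "__main__":
    for name, raw in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, check_from_vs_oldest_received(raw))
```

The oldest Received: header is supplied by the sending side, and mail relayed through a third-party provider will legitimately show a host outside the From: domain, so treat a mismatch as a scoring signal rather than proof.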