|
List Info
Thread: restrict email
|
|
| restrict email |
|
2006-08-30 18:56:27 |
>From: "Jorge Bastos" <mysql.jorge decimal.pt>
>Reply-To: DBMail mailinglist <dbmaildbmail.org>
>To: "DBMail mailinglist" <dbmaildbmail.org>
>Subject: Re: [Dbmail] restrict email
>Date: Wed, 30 Aug 2006 09:07:37 +0100
>
>What should the other two entries be in main.cf ?
>I have this one,
>local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf
>
>Is this the exact line you have in main.cf?
>lira:/etc/postfix# cat sql-recipients.cf
>
>
>No Jim,
>"lira:/etc/postfix# cat sql-recipients.cf"
was just me doing a cat in my
>shell to the file to show it
>
>in main.cf just add:
>local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf
>
>
>----- Original Message ----- From: "Jim
Douglas" <jdz99hotmail.com>
>To: <dbmaildbmail.org>
>Sent: Wednesday, August 30, 2006 4:15 AM
>Subject: Re: [Dbmail] restrict email
>
>
>> >From: "Jorge Bastos"
<mysql.jorgedecimal.pt>
>>>Reply-To: DBMail mailinglist <dbmaildbmail.org>
>>>To: "DBMail mailinglist"
<dbmaildbmail.org>
>>>Subject: Re: [Dbmail] restrict email
>>>Date: Tue, 29 Aug 2006 23:35:56 +0100
>>>
>>>not understood
>>>
>>>---
>>>>is this one line or two?
>>>>
>>>>lira:/etc/postfix# cat sql-recipients.cf
>>>---
>>>
>>>???
>>>
>>>
>>>----- Original Message ----- From: "Jim
Douglas" <jdz99hotmail.com>
>>>To: <dbmaildbmail.org>
>>>Sent: Tuesday, August 29, 2006 11:06 PM
>>>Subject: Re: [Dbmail] restrict email
>>>
>>>
>>>> >From: "Jorge Bastos"
<mysql.jorgedecimal.pt>
>>>>>Reply-To: DBMail mailinglist
<dbmaildbmail.org>
>>>>>To: "DBMail mailinglist"
<dbmaildbmail.org>
>>>>>Subject: Re: [Dbmail] restrict email
>>>>>Date: Tue, 29 Aug 2006 22:51:17 +0100
>>>>>
>>>>>i use:
>>>>>
>>>>>
>>>>>local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf
>>>>>lira:/etc/postfix# cat sql-recipients.cf
>>>>>user = user_xx
>>>>>password = pass_xx
>>>>>hosts = 127.0.0.1
>>>>>dbname = postfix
>>>>>table = dbmail_aliases
>>>>>select_field = alias
>>>>>where_field = alias
>>>>>
>>>>>
>>>>>----- Original Message ----- From:
"Jim Douglas" <jdz99hotmail.com>
>>>>>To: <dbmaildbmail.org>
>>>>>Sent: Tuesday, August 29, 2006 10:25 PM
>>>>>Subject: Re: [Dbmail] restrict email
>>>>>
>>>>>
>>>>>> >From: jacques-beaudoincspi.qc.ca
>>>>>>>Reply-To: DBMail mailinglist
<dbmaildbmail.org>
>>>>>>>To: dbmaildbmail.org
>>>>>>>Subject: Re: [Dbmail] restrict
email
>>>>>>>Date: Mon, 28 Aug 2006 22:10:17
-0400
>>>>>>>
>>>>>>>Hi,
>>>>>>>
>>>>>>>Use Postfix with RBLs and
Postgrey and kiss spam good bye
>>>>>>>
>>>>>>>Dbmail as nothing to do with
spams.
>>>>>>>
>>>>>>>--
>>>>>>>Cordialement
>>>>>>>
>>>>>>>Jacques Beaudoin
>>>>>>>Agent d'administration
>>>>>>>Les services des technologies
>>>>>>>de l'information et des
communications
>>>>>>>Commission scolaire de la Pointe
de l'Île
>>>>>>>Montréal, Québec, Canada
>>>>>>>
>>>>>>>Courriel/Email:
jacques-beaudoincspi.qc.ca
>>>>>>>Cel: 514 918-3350
>>>>>>>
>>>>>>>
>>>>>>>----- Message de jdz99hotmail.com ---------
>>>>>>> Date : Tue, 29 Aug 2006
01:45:48 +0000
>>>>>>> De : Jim Douglas
<jdz99hotmail.com>
>>>>>>>Répondre à : DBMail mailinglist
<dbmaildbmail.org>
>>>>>>> Objet : [Dbmail] restrict
email
>>>>>>> À : dbmaildbmail.org
>>>>>>>
>>>>>>>
>>>>>>>>Should I look to prevent
spam and set restriction from within
>>>>>>>>Postfix
>>>>>>>>AND db-mail? Can someong
outline how db-mail can help the fight.
>>>>>>>>
>>>>>>>>Jim
>>>>>>>>
>>>>>>>>
>>>>>>>>____________________________
___________________
>>>>>>>>Dbmail mailing list
>>>>>>>>Dbmaildbmail.org
>>>>>>>>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>>>>>>>
>>>>>>>
>>>>>>>----- Fin du message de
jdz99hotmail.com -----
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>--------------------------------
--------------------------------
>>>>>>>Ce message a été acheminé par le
Webmail Horde/Imp de la CSPI.
>>>>>>>
>>>>>>>________________________________
_______________
>>>>>>>Dbmail mailing list
>>>>>>>Dbmaildbmail.org
>>>>>>>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>>>>>>
>>>>>>
>>>>>>What is the best way to reject mail
if the user doesn't have an
>>>>>>account?
>>>>>>
>>>>>>Check_recipient_access? AS outlined
here,
>>>>>>
>>>>>>http://www.postfix.org/securityportal.200011/clo
set20001122.html
>>>>>>
>>>>>>jim
>>>>>>
>>>>>>
>>>>>>____________________________________
___________
>>>>>>Dbmail mailing list
>>>>>>Dbmaildbmail.org
>>>>>>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>>>>>>
>>>>>
>>>>>________________________________________
_______
>>>>>Dbmail mailing list
>>>>>Dbmaildbmail.org
>>>>>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>>>>
>>>>
>>>>is this one line or two?
>>>>
>>>>lira:/etc/postfix# cat sql-recipients.cf
>>>>
>>>>Thanks,
>>>>Jim
>>>>
>>>>
>>>>____________________________________________
___
>>>>Dbmail mailing list
>>>>Dbmaildbmail.org
>>>>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>>>>
>>>
>>>_______________________________________________
>>>Dbmail mailing list
>>>Dbmaildbmail.org
>>>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>>
>>Jorge,
>>
>>I have similar entries in
/etc/postfix/sql-recipients.cf
>>user = user_xx
>>password = pass_xx
>>hosts = 127.0.0.1
>>dbname = postfix
>>table = dbmail_aliases
>>select_field = alias
>>where_field = alias
>>
>>What should the other two entries be in main.cf ?
>>I have this one,
>>local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf
>>
>>Is this the exact line you have in main.cf?
>>lira:/etc/postfix# cat sql-recipients.cf
>>
>>Thanks,
>>Jim
>>
>>
>>_______________________________________________
>>Dbmail mailing list
>>Dbmaildbmail.org
>>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
>>
>
>_______________________________________________
>Dbmail mailing list
>Dbmaildbmail.org
>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
I have,
local_recipient_maps = mysql:/etc/postfix/sql-recipients.cf
In main.cf and I'm still able to recieve mail to users not
listed in
dbmail_users and dbmail_aliases?
Is there another setting somewhere ?
Thanks,
Jim
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| restrict email |
|
2006-08-31 07:27:37 |
Jim Douglas wrote:
> I have, local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf In
> main.cf and I'm still able to recieve mail to users
not listed in
> dbmail_users and dbmail_aliases?
>
> Is there another setting somewhere ?
What's the contents of sql-recipients.cf? Are the passwords
etc correct?
Does postfix at all have mysql support? To check it you can
do:
# ldd `which postfix` | grep -i my
You should get something like this:
libmysqlclient.so.15 =>
/usr/lib/libmysqlclient.so.15 (0x401a1000)
If you don't, then you have to install a postfix-mysql
package from your
distro. If there ain't none, then you have to recompile
postfix
yourself. I had to do so for SLES9.
HTH,
Alex
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| restrict email |
|
2006-08-31 07:27:37 |
Jim Douglas wrote:
> I have, local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf In
> main.cf and I'm still able to recieve mail to users
not listed in
> dbmail_users and dbmail_aliases?
>
> Is there another setting somewhere ?
What's the contents of sql-recipients.cf? Are the passwords
etc correct?
Does postfix at all have mysql support? To check it you can
do:
# ldd `which postfix` | grep -i my
You should get something like this:
libmysqlclient.so.15 =>
/usr/lib/libmysqlclient.so.15 (0x401a1000)
If you don't, then you have to install a postfix-mysql
package from your
distro. If there ain't none, then you have to recompile
postfix
yourself. I had to do so for SLES9.
HTH,
Alex
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| restrict email |
|
2006-08-31 13:13:57 |
>From: Aleksander <aleksanderkrediidiinfo.ee>
>Reply-To: DBMail mailinglist <dbmaildbmail.org>
>To: DBMail mailinglist <dbmaildbmail.org>
>Subject: Re: [Dbmail] restrict email
>Date: Thu, 31 Aug 2006 10:27:37 +0300
>
>Jim Douglas wrote:
>>I have, local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf In
>>main.cf and I'm still able to recieve mail to users
not listed in
>>dbmail_users and dbmail_aliases?
>>
>>Is there another setting somewhere ?
>What's the contents of sql-recipients.cf? Are the
passwords etc correct?
>
>Does postfix at all have mysql support? To check it you
can do:
># ldd `which postfix` | grep -i my
>
>You should get something like this:
> libmysqlclient.so.15 =>
/usr/lib/libmysqlclient.so.15 (0x401a1000)
>
>If you don't, then you have to install a postfix-mysql
package from your
>distro. If there ain't none, then you have to recompile
postfix yourself. I
>had to do so for SLES9.
>
>HTH,
> Alex
>_______________________________________________
>Dbmail mailing list
>Dbmaildbmail.org
>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
sending/receivin email is no problem, receivin for unknown
recipients is the
problem...here's the mysql:/etc/postfix/sql-recipients.cf
user = dbmail
password = mypass
hosts = localhost
dbname = dbmail
table = dbmail_aliases
select_field = alias
where_field = alias
I was reading this article,
http://www.postfix.org/securityportal.200011/clo
set20001122.html
..and hoping there was a way to 'check_recipient_access'
in dbmail rather
than maintaining a "access-inbound" file...
smtpd_sender_restrictions = check_recipient_access
hash:/etc/postfix/access-inbound
Then in your /etc/postfix/access-inbound file, simply put,
validuserexample.org OK
example.org REJECT
Thanks,
Jim
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| restrict email |
|
2006-08-31 13:57:03 |
Jim Douglas wrote:
> sending/receivin email is no problem, receivin for
unknown recipients is
> the problem.
I understand, you want postfix to only deliver mail to valid
accounts.
But if you want postfix to check for valid email aadresses
in the dbmail
database, then postfix has to be linked to mysql. Otherwise
postfix just
doesn't know what this "mysql" in
"local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf" means.
In the linked example the author uses "hash",
which basically means the
aadresses are in that file. But when using mysql, postfix
has to connect
to the mysql db and look there for the aliases.
So use ldd or see with what options/flags postfix was
compiled with.
Anyway, if postfix knows how to use mysql, there's one more
thing what
might be your problem. If you have an alias like
"example.com" or
"example.com" in the dbmail_aliases table, then
postfix will accept all
mails, like asdasdasdexample.com. Get rid of that catch-all
alias.
In main.cf I have these three lines:
receive_override_options = no_address_mappings
local_recipient_maps = mysql:/etc/postfix/sql-recipients.cf
unknown_local_recipient_reject_code = 550
Alex
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| restrict email |
|
2006-08-31 14:24:38 |
>From: Aleksander <aleksanderkrediidiinfo.ee>
>Reply-To: DBMail mailinglist <dbmaildbmail.org>
>To: DBMail mailinglist <dbmaildbmail.org>
>Subject: Re: [Dbmail] restrict email
>Date: Thu, 31 Aug 2006 16:57:03 +0300
>
>Jim Douglas wrote:
>>sending/receivin email is no problem, receivin for
unknown recipients is
>>the problem.
>
>I understand, you want postfix to only deliver mail to
valid accounts. But
>if you want postfix to check for valid email aadresses
in the dbmail
>database, then postfix has to be linked to mysql.
Otherwise postfix just
>doesn't know what this "mysql" in
"local_recipient_maps =
>mysql:/etc/postfix/sql-recipients.cf" means.
>
>In the linked example the author uses
"hash", which basically means the
>aadresses are in that file. But when using mysql,
postfix has to connect to
>the mysql db and look there for the aliases.
>
>So use ldd or see with what options/flags postfix was
compiled with.
>
>Anyway, if postfix knows how to use mysql, there's one
more thing what
>might be your problem. If you have an alias like
"example.com" or
>"example.com" in the dbmail_aliases table, then
postfix will accept all
>mails, like asdasdasdexample.com. Get rid of
that catch-all alias.
>
>In main.cf I have these three lines:
>
>receive_override_options = no_address_mappings
>local_recipient_maps =
mysql:/etc/postfix/sql-recipients.cf
>unknown_local_recipient_reject_code = 550
>
>Alex
>_______________________________________________
>Dbmail mailing list
>Dbmaildbmail.org
>htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
Alex,
It was the "mydomain.com" entry that was doing
it..
Now I'm wondering what other Postfix commands I don't
need because dbmail
is taking care of it,
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_recipient_restrictions =
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
permit_mynetworks,
reject_unauth_destination,
reject_rbl_client relays.ordb.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client proxies.relays.monkeys.com
reject_rbl_client opm.blitzed.org
reject_rbl_client dnsbl.njabl.org
reject_rbl_client blackholes.wirehub.net
reject_rbl_client list.dsbl.org
permit
smtpd_data_restrictions =
reject_unauth_pipelining,
permit
Thanks,
Jim
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
| restrict email |
|
2006-08-31 15:00:41 |
Jim Douglas wrote:
> It was the "mydomain.com" entry
that was doing it..
I discovered it when bastard tried to send my users viruses.
He tried to
guess (dictionary attack) thousands of addresses with my
domain. I was
very surprised when the virus count jumped from ~200 to
~5000 overnight
 .
Fortunately nothing bad happened as clamav detected all the
viruses.
> Now I'm wondering what other Postfix commands I
don't need because
> dbmail is taking care of it,
I'm not much of a postfix guru. I start with the config my
distro,
sles9, provides and then add a few things like this
recipient check. I
don't trust RBL's at all. All spam matters are handled by
dspam. Which
is directly trained by the end users themselves.
Good luck with your setup,
Alex
_______________________________________________
Dbmail mailing list
Dbmaildbmail.org
htt
ps://mailman.fastxs.nl/mailman/listinfo/dbmail
|
|
[1-7]
|
|