Notify Sender when a virus is detected
Damien Robinet
damien at robinet.net
Wed May 25 16:04:08 CEST 2011
Hallo Steve,
With the same script I check the sender, the mail limit from the user
(1000 on 24h max), what's the SMTP-OUT server for this user, ... and
many others check.
Gruss
Damien
2011/5/25 Steve <steeeeeveee at gmx.net>:
>
> -------- Original-Nachricht --------
>> Datum: Wed, 25 May 2011 14:54:17 +0200
>> Von: Damien Robinet <damien at robinet.net>
>> An: amavis-users at amavis.org
>> Betreff: Re: Notify Sender when a virus is detected
>
>> Hi Gary,
>>
>> Not, it's not possible, because if you have a SMTP login to my server,
>> I check if you use the good FROM.
>>
>> I start my policy with that:
>> if($attr{"sasl_username"} =~ /^[\w\.-_]+\@[\w\.-]+$/) {
>>
>> One example of my rule:
>> if($status == 0) {
>> my $track1 = $mysql->prepare("SELECT domain
>> FROM mail_rewrite WHERE domain = '\@$sender_from' AND goto =
>> '\@$sender_domain'");
>> $track1->execute();
>> if(my $ref1 = $track1->fetchrow_hashref()) {
>> $status = 1;
>> }
>> }
>>
>> And if the sender (from) are not allowed with the sasl login:
>> $mysql->disconnect;
>> return "reject Sender address $sender_from not
>> owned by $sender_domain";
>> }
>>
>> If the sender match, i return "dunno".
>>
>> I use my policy with the smtpd_end_of_data_restrictions of postfix :)
>>
> Why so complicated when you can use a simple smtpd_sender_login_maps in Postfix directly?
>
>
>> Regards,
>> Damien
>>
>> 2011/5/24 Gary V <mr88talent at gmail.com>:
>> >
>> > I think if it's a virus it could still fake sender address regardless
>> > of whether it comes from trusted networks or authenticated clients. I
>> > think if it is smart enough to be able to relay through your server,
>> > it would at least be smart enough to attempt forging the sender
>> > address. Same applies to spam or banned files that are created by
>> > spambots/malware or whatever.
>> >
>> > --
>> > Gary V
>> >
>
> --
> NEU: FreePhone - kostenlos mobil telefonieren!
> Jetzt informieren: http://www.gmx.net/de/go/freephone
>
More information about the amavis-users
mailing list