Notify Sender when a virus is detected

Steve steeeeeveee at gmx.net
Thu May 26 00:05:18 CEST 2011


-------- Original-Nachricht --------
> Datum: Wed, 25 May 2011 16:04:08 +0200
> Von: Damien Robinet <damien at robinet.net>
> An: amavis-users at amavis.org
> Betreff: Re: Notify Sender when a virus is detected

> Hallo Steve,
> 
Hello Damien,


> With the same script I check the sender, the mail limit from the user
> (1000 on 24h max), what's the SMTP-OUT server for this user, ... and
> many others check.
> 
well... I did not know that. I only saw that you do a sender/login mismatch at smtpd_end_of_data_restrictions level and to me this is a waste of resources to do that kind of checks when the whole mail has been submitted to Postfix. I personally like to disconnect the offending sender as soon as possible and I like to save resources where ever possible. By using Postfix internal methods I can use stuff like proxy to cache the result of a SQL lookup and speed up delivery. Plus I can have that map in many different formats, etc. Off course I understand that it is fun to code own stuff (I do that too) but why reinventing the wheel when there are many Postfix policy delegation applications that already implement stuff like per sender limits and other stuff? Anyway... sorry for the noise. I did not know that you have more functionality than this sender/login mismatch in your script.


> Gruss
> Damien
> 
Gruss zurück

Steve


> 2011/5/25 Steve <steeeeeveee at gmx.net>:
> >
> > -------- Original-Nachricht --------
> >> Datum: Wed, 25 May 2011 14:54:17 +0200
> >> Von: Damien Robinet <damien at robinet.net>
> >> An: amavis-users at amavis.org
> >> Betreff: Re: Notify Sender when a virus is detected
> >
> >> Hi Gary,
> >>
> >> Not, it's not possible, because if you have a SMTP login to my server,
> >> I check if you use the good FROM.
> >>
> >> I start my policy with that:
> >> if($attr{"sasl_username"} =~ /^[\w\.-_]+\@[\w\.-]+$/) {
> >>
> >> One example of my rule:
> >>                 if($status == 0) {
> >>                         my $track1 =
> $mysql->prepare("SELECT domain
> >> FROM mail_rewrite WHERE domain = '\@$sender_from' AND goto =
> >> '\@$sender_domain'");
> >>                         $track1->execute();
> >>                         if(my $ref1 =
> $track1->fetchrow_hashref()) {
> >>                                 $status = 1;
> >>                         }
> >>                 }
> >>
> >> And if the sender (from) are not allowed with the sasl login:
> >> $mysql->disconnect;
> >>                         return "reject Sender address
> $sender_from not
> >> owned by $sender_domain";
> >>                 }
> >>
> >> If the sender match, i return "dunno".
> >>
> >> I use my policy with the smtpd_end_of_data_restrictions of postfix :)
> >>
> > Why so complicated when you can use a simple smtpd_sender_login_maps in
> Postfix directly?
> >
> >
> >> Regards,
> >> Damien
> >>
> >> 2011/5/24 Gary V <mr88talent at gmail.com>:
> >> >
> >> > I think if it's a virus it could still fake sender address regardless
> >> > of whether it comes from trusted networks or authenticated clients. I
> >> > think if it is smart enough to be able to relay through your server,
> >> > it would at least be smart enough to attempt forging the sender
> >> > address. Same applies to spam or banned files that are created by
> >> > spambots/malware or whatever.
> >> >
> >> > --
> >> > Gary V
> >> >
> >
> > --
> > NEU: FreePhone - kostenlos mobil telefonieren!
> > Jetzt informieren: http://www.gmx.net/de/go/freephone
> >

-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de


More information about the amavis-users mailing list