Re: [maildropl] segregate non-whitelisted mails?
From: email b. <ema...@ya...> - 2008-09-04 23:47:14
>> 2) The kicker is that I want all other (non-whitelisted senders) mail to be
>> filtered elsewhere. I think if I can come up with a maildrop script that
>> accomplishes #1 above, this may not be too hard, but I am concerned about two
>> things:
>>
>> a) Reading in a (possibly big) whitelist from a file or database during
>> maildrop execution may not be efficient(?) and may be hard to code in maildrop
>> script language
>
> There are some filtering statements that are geared towards this situation,
> see the lookup() function in the maildropfilter man page. It's going to be
> as fast as reading a list of regular expressions from a file, and applying
> them.

Sounds perfect. THANK YOU. As always, maildrop is a WONDERFUL tool!

>> b) The FROM header is easily forged -- can I rely on typical postfix
>> EHLO and client checks (such as requiring the client domain to match the
>> sender domain or whatever) to catch those forgeries and safely be
>> naive/trusting of what the FROM header says if I implement this in
>> maildrop? Even if this kind of filtering was implemented elsewhere, it'd
>> still have to be based on the FROM header, so maybe this question becomes
>> irrelevant except to know how much postfix rules can help make the FROM
>> header trustable....??
>
> This is true, but you are using a whitelist-based approach. For your
> approach to be defeated, the attacker has to know exactly what addresses you
> are whitelisting. Forging a random address on the From: header won't help --
> the forged address is unlikely to be whitelisted.

OK, fair enough. I suppose I am musing about the worst-case scenario when a spammer somehow guesses or steals address(es) from a user whitelist. The most vulnerable example I can think of is when you have users on the same domain/site that have some kind of public profile that can be guessed with a certain amount of certainty to be friends.

I suppose the best defense against that is never to allow incoming mail from untrusted servers with your own domain on it and hope the said users don't introduce complications by using other email addresses (school email, work email, etc). In general, in today's world of MySpaces and kids who grow up with lower expectations of privacy, and/or when virus/spam tools can gain enough information to guess about a user's personal contacts, the whitelist becomes vulnerable as far as I can tell.

From what I've read in the last couple of hours of research, unless I want to try advanced techniques like matching senders with their IP addresses (which can change, so even such techniques are not 100%), you just have to live with the flaws of whitelisting (even if they are lower risk), at least in today's world.

Thanks a lot for your help/input, Sam!
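As an added example (not code from this thread or from the maildrop project), here is how the lookup()-based whitelist routing discussed above could look as a maildrop filter. The Maildir layout, the `.Unverified` folder name, the `$HOME/.whitelist` location and its one-anchored-regex-per-line format are assumptions made for the example, as is the assumption that maildrop's regular expression engine lets `$` match before the trailing newline that getaddr() appends to each address.

```maildrop
# Added example: ~/.mailfilter that delivers mail from whitelisted senders to
# the inbox and parks everything else in a separate folder.
#
# Assumptions (not from the thread): Maildir under $HOME/Maildir, a folder
# named .Unverified for non-whitelisted mail, and a pattern file
# $HOME/.whitelist with one anchored regular expression per line, e.g.
#     ^alice@example\.org$
#     ^[^@]+@trusted\.example$
# Blank lines and lines starting with # in the pattern file are ignored.

MAILDIR="$HOME/Maildir"
WHITELIST="$HOME/.whitelist"

# Pull the From: header out of the message. MATCH holds the header line that
# matched; getaddr() reduces it to the bare RFC 822 address(es), one per line.
SENDER=""
if (/^From:.*/:h)
{
    SENDER=getaddr($MATCH)
}

# lookup() reads the pattern file once per message and returns 1 if any
# pattern matches SENDER. This is the header From:, which the sending side
# controls, so the whitelist only keeps out mail that does not *claim* a
# whitelisted address; it does not authenticate the claim.
if ($SENDER ne "" && lookup($SENDER, $WHITELIST))
{
    to "$MAILDIR/"
}

# Not whitelisted, or no parsable From: header at all: deliver to the review
# folder instead. "to" delivers and ends filtering.
to "$MAILDIR/.Unverified/"
```

Patterns in the whitelist file must be anchored and have their dots escaped, otherwise `alice@example.org` also matches `alice@example.org.attacker.test` or `malice@example.org`. The forged-own-domain case raised in the thread is not addressed by this filter; as the post says, that has to be handled where the connection is accepted (for example in Postfix), since by the time maildrop runs, the From: header is just text.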