email builder writes:

> 2) The kicker is that I want all other (non-whitelisted senders) mail to be
> filtered elsewhere. I think if I can come up with a maildrop script that
> accomplishes #1 above, this may not be too hard, but I am concerned about two
> things:
> a) Reading in a (possibly big) whitelist from a file or database during
> maildrop execution may not be efficient(?) and may be hard to code in maildrop
> script language

There are some filtering statements that are geared towards this situation,
see the lookup() function in the maildropfilter man page. It's going to be
as fast as reading a list of regular expressions from a file, and applying
them.

> b) The FROM header is easily forged -- can I rely on typical postfix
> EHLO and client checks (such as requiring the client domain to match the
> sender domain or whatever) to catch those forgeries and safely be
> naive/trusting of what the FROM header says if I implement this in
> maildrop? Even if this kind of filtering was implemented elsewhere, it'd
> still have to be based on the FROM header, so maybe this question becomes
> irrelevant except to know how much postfix rules can help make the FROM
> header trustable....??

This is true, but you are using a whitelist-based approach. For your
approach to be defeated, the attacker has to know exactly what addresses you
are whitelisting. Forging a random address on the From: header won't help --
the forged address is unlikely to be whitelisted.
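
Added example, not part of the original message and not maildrop's own code: a Python sketch of the routing discussed above, modeled on the reply's description of a file of regular expressions applied to the sender. The whitelist entries, sample messages and function names are constructed for illustration; the sketch matches the parsed From: address as a whole, so text in a display name or a longer domain does not count as a whitelist hit.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed whitelist: one regular expression per line, as a pattern file would hold.
WHITELIST = r"""
# blank lines and comment lines are skipped
alice@example\.org
.*@partner\.example
"""

# Constructed sample messages (headers only, empty body).
SAMPLES = {
    "listed": "From: Alice <alice@example.org>\nSubject: hi\n\n",
    "listed_domain": "From: bob@partner.example\n\n",
    "random_forgery": "From: someone@forged.test\n\n",
    "name_only": 'From: "alice@example.org" <someone@other.test>\n\n',
    "suffix": "From: alice@example.org.other.test\n\n",
    "no_from": "Subject: no sender\n\n",
}

def load_patterns(text):
    """Compile each non-empty, non-comment line as a case-insensitive regex."""
    lines = (line.strip() for line in text.splitlines())
    return [re.compile(l, re.IGNORECASE) for l in lines if l and not l.startswith("#")]

def sender_address(raw_message):
    """Return the single From: address, or None if absent, malformed or ambiguous."""
    froms = message_from_string(raw_message).get_all("From", [])
    if len(froms) != 1:
        return None
    addrs = [addr for _name, addr in getaddresses(froms) if addr]
    if len(addrs) != 1 or "@" not in addrs[0]:
        return None
    return addrs[0].lower()

def route(raw_message, patterns):
    """Return 'inbox' when the whole address matches a pattern, else 'elsewhere'."""
    addr = sender_address(raw_message)
    if addr and any(p.fullmatch(addr) for p in patterns):
        return "inbox"
    return "elsewhere"

if __name__ == "__main__":
    patterns = load_patterns(WHITELIST)
    for label, raw in SAMPLES.items():
        print(f"{label:15s} -> {route(raw, patterns)}")
```

Anything routed to "elsewhere" is where the second-stage filtering from the question would take over.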