Date: Fri, 30 Jun 2006 18:51:52 +0100 From: Brian Candler <B.Candler@pobox.com> To: "Michael W. Oliver" <michael@gargantuan.com> Cc: Ow Mun Heng <Ow.Mun.Heng@wdc.com>, isp@freebsd.org Subject: Re: email filtering with GPG Message-ID: <20060630175152.GA9623@uk.tiscali.com> In-Reply-To: <20060629173252.GD78932@gargantuan.com> References: <20060629172040.GC78932@gargantuan.com> <1151601857.14510.5.camel@neuromancer.home.net> <20060629173252.GD78932@gargantuan.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 29, 2006 at 01:32:52PM -0400, Michael W. Oliver wrote: > The more I think about this, the more certain I am that maildrop is the > right place. A user can manage their own .mailfilter configuration to > allow email from whomever they want, but there will still be a GPG > signature xfilter before the final drop to ~/Maildir. > > Sorry if I wasted anyone's time with this thread, I am feeling good > about using maildrop's xfilter now... unless I hear something different. The advantage of doing it in the MTA is that you can respond to the incoming mail with a 5xx response and properly reject it. If you do this after receiving the mail, either you will blackhole the message (i.e. neither the sender nor the recipient will know that a mail has gone missing), or you will have to create a send a bounce message, which will be collateral spam if the incoming mail is a spam with a forged return address. I don't know if Postfix can filter at this point, but Exim certainly can. Another strategy to consider, if all the mail servers are under your control, is to require SMTP with TLS and valid certificates, and reject all non-TLS mail. Your GPG approach would be better if the clients are sending outbound mail through random ISP smarthosts; but I'd argue that clients should be using *your* mailservers as smarthosts, using the message submission service (port 587) and SMTP AUTH to enter mails into the system. With each of the mailservers talking SMTP-TLS to each other, you have a closed and secure mail network, but also the option of adding certain other authorised sources of mail in the future if you wish. Regards, Brian.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060630175152.GA9623>