Date: Wed, 19 Jul 2006 13:24:46 +0100 From: Brian Candler <B.Candler@pobox.com> To: User Ernie <ernie@puremail.eis.net.au> Cc: freebsd-isp@freebsd.org Subject: Re: Whitelist-only email server Message-ID: <20060719122446.GA30611@uk.tiscali.com> In-Reply-To: <200607190657.k6J6vGhF075077@puremail.eis.net.au> References: <200607190657.k6J6vGhF075077@puremail.eis.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jul 19, 2006 at 04:57:16PM +1000, User Ernie wrote: > Has anybody set up a whitelist-only email server on FreeBSD that rejects all > emails except ones that are in the users personal whitelist? It's certainly doable in exim. In fact, using exim ACLs, you can reject at SMTP time: e.g. MAIL FROM:<foo@bar.com> RCPT TO:<user@example.com> 550 user@example.com does not accept mail from foo@bar.com This means you don't have to worry about generating bounces and hence generating 'collateral spam'. The lookup for allowed recipients can be done anywhere you like - in a file (e.g. $HOME/.allowfrom), in a DBM file, or even in an LDAP or SQL database. OTOH, it does depend on the sender's MTA generating valid envelope-sender addresses. Not all do, and also there are a number of envelope-sender-mangling schemes out there (e.g. SES, BATV) which you would have to decode to extract the sender address. All of this is possible though. Have you considered, however, what you will do with bounces - i.e. MAIL FROM:<> ? > I am trying to figure out how to do it, I know it's an anti-spam solution > for advanced email users who understand the implications of what > legitimate emails they might miss as a consequence. The other approach is to do this post-delivery, using a filtering program of your choice (e.g. procmail) or MTA-embedded filtering (e.g. sieve in Exim). However, if the filter then makes a decision to reject the mail, you will either blackhole it, move it into a 'Spam' folder (which is as good as blackholing), or send a fresh outgoing bounce (which is more than likely going to be collateral spam to an innocent third party) Regards, Brian.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060719122446.GA30611>