From: Darren Pilgrim
Date: Wed, 19 Jul 2006 08:59:08 -0700
To: User Ernie
Cc: freebsd-isp@freebsd.org
Subject: Re: Whitelist-only email server

User Ernie wrote:
> Has anybody set up a whitelist-only email server on FreeBSD that rejects all
> emails except ones that are in the user's personal whitelist?

I did one such system using Postfix, Courier-IMAP and Squirrelmail with a MySQL backend. I modified the address book forms to include a white-listing checkbox. Users added addresses to their address books, then checked the "Allow this person to send me email" checkbox, with the effect of setting a "whitelist" column in the address table to either 0 or 1.

I configured Postfix with separate inbound and submission ports and added check_sender_access on the inbound port and check_recipient_access on the submission port. Both were mysql maps to Squirrelmail's address table:

    SELECT email FROM `address` WHERE email='%s' AND whitelist=1

The check_recipient_access and a submission port were included because I felt it reasonable to require users to permit a response in order to send a message to someone. This was later combined with a Squirrelmail plugin that added automatic address collection and the whitelist column defaulted to 1.

-- 
Darren Pilgrim
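
Added example, not part of the original message and not the poster's code: a small model of the two lookups described above, showing how the sender check on the inbound port and the recipient check on the submission port behave against the same `address` table. Assumptions: an in-memory SQLite table stands in for the MySQL backend, all function names are hypothetical, keys are lowercased by the example itself, and "OK"/"REJECT" stand for accept and reject.

```python
import sqlite3

# The message's lookup, with Postfix's '%s' key written as a bound parameter.
LOOKUP = "SELECT email FROM address WHERE email = ? AND whitelist = 1"

def open_book():
    """In-memory SQLite stand-in (assumption) for Squirrelmail's address table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE address ("
               "email TEXT PRIMARY KEY, "
               "whitelist INTEGER NOT NULL DEFAULT 0)")
    return db

def add_contact(db, email, whitelist=0):
    """Address-book form: the checkbox stores 0 or 1 in the whitelist column."""
    db.execute("INSERT OR REPLACE INTO address (email, whitelist) VALUES (?, ?)",
               (email.strip().lower(), int(bool(whitelist))))

def is_whitelisted(db, email):
    """True when the address has a row with whitelist=1."""
    return db.execute(LOOKUP, (email.strip().lower(),)).fetchone() is not None

def inbound_check(db, sender):
    """Inbound port: lookup keyed on the envelope sender."""
    return "OK" if is_whitelisted(db, sender) else "REJECT"

def submission_check(db, recipient):
    """Submission port: lookup keyed on the envelope recipient."""
    return "OK" if is_whitelisted(db, recipient) else "REJECT"

def collect_address(db, recipient):
    """Stand-in for the later plugin: collected addresses default to 1."""
    add_contact(db, recipient, whitelist=1)

def demo():
    db = open_book()
    add_contact(db, "alice@example.org", whitelist=1)   # constructed sample data
    add_contact(db, "bob@example.org", whitelist=0)
    results = {
        "alice_in": inbound_check(db, "Alice@Example.org"),
        "bob_in": inbound_check(db, "bob@example.org"),
        "bob_out": submission_check(db, "bob@example.org"),
        # A quote-bearing key is only data to a bound parameter: no match.
        "quoted_in": inbound_check(db, "x' OR '1'='1"),
    }
    collect_address(db, "carol@example.org")  # user writes to a new contact
    results["carol_out"] = submission_check(db, "carol@example.org")
    results["carol_in"] = inbound_check(db, "carol@example.org")
    return results

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```

Because both checks read the same column, an address collected when the user sends mail is already allowed to reply, which is the pairing of the two ports the message describes.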