Mysql – How to limit sender domain for mail sent to specific forwarding addresses in Postfix

configurationemailMySQLpostfix

I presently have a Postfix installation happily delivering mail (webmail/IMAP) for 100+ users at our company, broadly divided among several domains (sales, operations, management, etc). Recently, someone leaked (don't know who, doesn't matter) the collective address for the salespeople to a spam harvester, who is now spear-phishing with that because it goes to 30+ sales employees. The forward looks like this:

salespeople@mycompany.com ====> bill@mycompany.com, charles@mycompany.com, dan@mycompany.com …zed@mycompany.com

Each of them are now receiving via that forwarding address much spam to contact HR at (malicious link) to update their W-2 address, or collect a secure message, or somesuch.

The forward was set up with the foreknowledge that such a forward could be misused and probably would be at some point, but political constraints forced its creation before I was able to look into how to limit it, and then it worked and wasn't abused for more than three years. There's probably a commentary on the relative unimportance of my company or an underestimation of human nature in there somewhere.

What I want is only to allow mail to that forwarding address (but not ANY forwarding address, as I have several which are info@ types) only from email addresses in specified domains, i.e. @mycompany.com.

My Postfix installation is using MySQL virtual lookups for domains, forwarding, and users, similar to what's described here and other places on the net. It all works flawlessly at this point, except that some forwards are a little too easy to mail to.

Once again, I only want to limit sender domain for selected forwards, not all forwards. We are presently mitigating this by using the bcc: field when mailing to these lists, so the actual list address doesn't leave the building. This does limit discussion among the recipients via reply-all, not sure if that's a feature or bug at this point.

Best Answer

Probably the best solution would be to use a mailing list or to write custom SpamAssassin rules, but there is also a simple, if a little brittle, way of doing this purely in Postfix using smtpd_recipient_restrictions.

Add the following to smptd_recipient_restrictions in main.cf:

check_sender_access hash:/etc/postfix/sender_access, check_recipient_access hash:/etc/postfix/recipient_access

In /etc/postfix/sender_access, write a rule that permits mycompany.com:

mycompany.com OK

In /etc/postfix/recipient_access, write a rule that blocks mail to salespeople@mycompany.com:

salespeople@mycompany.com REJECT Sorry, only mycompany.com can mail this address

Be sure to recompile these files after any changes by running the postmap command:

postmap /etc/postfix/sender_access
postmap /etc/postfix/recipient_access

The first smptd_recipient_restrictions rule checks the sender. If it's in the mycompany.com domain, the message is immediately accepted. If not, it will advance to the next rule, which checks the recipient. If it's your salespople alias, it's rejected. As you can see, it accomplishes what you need, though it's a little inflexible becuase you can't arbitrarily pair up sender domains with recipient addresses.

If you already have smptd_recipient_restrictions rules in place, make sure you position these rules so you're not accidentally short-circuiting other rules.

You can probably store the sender_access and recipient_access tables in MySQL instead of files, though I have no experience with that.

Best Answer

Related Solutions

Postfix – Avoid Creating Backscatter on a Forwarding Server

Linux – How to limit amount of email sent by postfix to certain domains and control it by using mail header

Question

Related Topic