
E-mail security


gbaughma

IS-IT--Management
Staff member
Nov 21, 2003
4,773
US
Hi guys.

This is carrying over from another thread, thread656-1279601

There are SO MANY settings in Postfix, and I've read and followed other examples and so forth.

Half the time, I end up breaking Postfix so that it won't send or receive e-mails. Luckily, I always make a backup of my postfix config before I do anything... (learned that lesson the hard way)

Anyway... can someone, in a nutshell, tell me how to do the following:

1) When e-mail comes in, I would like it to VERIFY that the sender is who it says it is. For example, if the return address is somename@aol.com, then a reverse-lookup on the sending IP address should show mailsomething.aol.com or whatever.
2) Harvesting: What's the best way to stop harvesting? Of course, #1, should help a LOT... but I want it to return "Service not available" or some-such message that makes the harvesting machine think that there's not an e-mail server running. For example, if someone tries to e-mail to adam@myserver.com, and adam isn't a LOCAL LOGIN, then it should respond back that the service isn't available.
3) Relaying. Even though I have relaying off, for some reason, Postfix still relays *some* messages. If it's not a LOCAL account, in other words, myaddress@myserver.com, then I don't want postfix to "try" to deliver it elsewhere.
4) User access. If I give a friend an e-mail address on my server, why won't postfix allow them to send mail, unless I add them to the permitnetworks setting? If they HAVE a valid user name and a valid password.... I should be able to POP my mail from ANYWHERE, right?


I really need to "fine tune" my e-mail system. I'm still getting hundreds of spams a day, even with SpamAssassin running, not to mention that I'm *continually* being harvested.

More than just a reference, I really need a dumbed-down explanation... like "To make it do a reverse lookup, in /etc/postfix/master.cf put ReverseLookupForced=True" or something like that....

Thanks in advance! I have a lot of *nix experience, but not a lot of Postfix experience; perhaps someone could write a really good postfix/e-mail FAQ for helping to "clean up" e-mail in general?



Just my 2¢

"In order to start solving a problem, one must first identify its owner." --Me
--Greg
 
I'll offer some comments, none of which are directed at POSTFIX specifically...

Doing reverse lookups of REPLY-TO or FROM addresses against MX records or DNS is a dicey business, particularly since headers are so easily written to say anything - for legitimate reasons or otherwise. Also, it's quite possible that a specific IP is known as a specific hostname under reverse DNS lookup, but an MX check for another domain could reveal it as another name.... and so on. You could find this to be a very dissatisfying means of "authenticating" the senders. IMHO.

If you are not doing so, you SHOULD consider using Spamhaus (irrespective of pending litigation) as an RBL/SBL filter against connections to your server in the first place. If you find another xBL list to trust, that's fine, but use something! The easiest way to prevent spam is to refuse to listen to it. Easier said than done, yes, but I would advocate this approach if it will suit your goals.

I would NOT worry about preventing name harvesting if your spam filters are working and learning. This is a personal opinion that would probably be overruled by "best practices", but my view is that you can exhaust yourself trying to fine-tune a system to be "spam free", until the spammers change tactics and you're taking it in again. My belief is that unless you are taking on many new user accounts every week/month, it's quite likely that the horse is already out of the barn with regard to your domain(s) being profiled for valid email addresses.

I prefer to be as efficient as possible in processing mail and getting it off/through my system as quickly as possible. Yes, that means users sometimes see spam, but I minimize the impact a spam run will have (in theory...)

Big payoffs come from continually educating the users to avoid common traps...
- careful use of unsubscribe links for those unsubs that are authentic versus provided to harvest. if they can't tell the difference, don't use it.
- not subscribing to or posting to "lists" unless necessary through their email address
- don't share their email address to brokers of things like mortgages, insurance, etc... often their privacy policies allow for selling/leasing information to 3rd parties for business or related contact...
- avoiding chain letter emails
- avoiding responding to spam
- avoiding posting their email in unscrambled form
- etc....

Sometimes it's tough to undo their past mistakes, but the users need to understand that they have a role in managing their own exposure.

It sounds like you have some things to fix on your POSTFIX install to prevent abuses. That's effort worth undertaking and I'm sorry for a long post that doesn't get you any further. I do qmail instead.

Good luck!



D.E.R. Management - IT Project Management Consulting
 
Point 1 is well-addressed above, so I'll start with 2.

Before anyone can try to send a message to an email address, valid or not, they must connect to the server. So, they'll know that a server is running.

3. You define the relay parameters, and I don't quite follow. From the comments in my main.cf:

"# By default, Postfix relays mail
# - from "trusted" clients (IP address matches $mynetworks) to any destination,
# - from "untrusted" clients to destinations that match $relay_domains or
# subdomains thereof, except addresses with sender-specified routing.
# The default relay_domains value is $mydestination."

So, there should be no relaying except for these conditions. Maybe something isn't set up right in main.cf.

4. This relates to relaying in #3. For your friend to relay mail through your server, a better approach is smtp-auth. There are a few tutorials out there; I don't remember where I found the one that I used. Since he can't send mail through your server it appears that relay control is working.

I'm a bit confused by the last part of Q4: "If they HAVE a valid user name and a valid password.... I should be able to POP my mail from ANYWHERE, right?"

The short answer seems to be "right", but POP is unrelated to Postfix and their userid/password. If they can send mail to your server, and you have a POP daemon configured and running, then barring any firewall rules you should be able to download your mail from anywhere.
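Putting the relay, smtp-auth, RBL and reverse-lookup points from the replies above into one main.cf fragment, as an added illustration that is not from the thread; the LAN range, the domain and the Dovecot socket path are placeholders/assumptions:

```conf
# /etc/postfix/main.cf fragment (added illustration, not from the thread)
# Postfix does not allow comments after a value, so every comment is on its own line.

# Which clients count as "trusted" for relaying. Keep this to your own LAN;
# a friend on a remote IP should authenticate instead (point 4).
# 192.0.2.0/24 is a placeholder LAN range.
mynetworks = 127.0.0.0/8, 192.0.2.0/24

# Domains this server delivers locally, and therefore relays for.
# example.com is a placeholder.
mydestination = $myhostname, localhost.$mydomain, localhost, example.com
relay_domains = $mydestination

# Point 3: reject_unauth_destination is the setting that stops open relaying.
# Point 4: permit_sasl_authenticated lets a user with a valid name and password
#          relay from any IP once SMTP AUTH is enabled below.
# Point 2: reject_unlisted_recipient refuses unknown local users during the SMTP
#          dialogue (a 550 reply, not "service unavailable"; as noted above, the
#          connection itself already shows that a server is running).
# The reject_rbl_client line is the Spamhaus check recommended in the earlier reply.
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_unlisted_recipient,
    reject_rbl_client zen.spamhaus.org

# Point 1, closest safe equivalent: refuse clients whose IP has no reverse DNS at all.
# This checks the connecting IP, not the From: header, for the reasons given above.
smtpd_client_restrictions =
    permit_mynetworks,
    reject_unknown_reverse_client_hostname

# SMTP AUTH. Using Dovecot as the SASL backend is an assumption about the setup;
# with Cyrus SASL the type would be "cyrus" and the path line is not used.
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
```

Apply with `postfix reload` and watch the mail log: relay attempts that are refused show "Relay access denied" and unknown users show "User unknown in local recipient table", which is how you can confirm each restriction is doing its job.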

 