Postfix Configuration: How to restrict use of CC
January 21st, 2011, 04:58 PM
Registered User
Postfix Configuration: How to restrict use of CC
I have configured postfix on my server.
telnet mydomain.com 25
helo validdomain.com
mail from: validaddress@validdomain
rcpt to: validuser@mydomain
data
From: validaddress@validdomain
To: validuser@mydomain
CC: user1@domain1,user2@domain2
Subject: Testing postfix
Message body
When I run this test, as expected, the email is delivered to validuser.
However, postfix also delivers it to user1 and user2 despite the fact that the sender does not belong to my domain.
I have implemented client, helo and recipient restrictions as below.
How do I prevent the malicious use of CC as described here?
Thank you
Snap of main.cf
-------------------
smtpd_client_restrictions = permit_mynetworks,
    reject_invalid_hostname,
    reject_rbl_client zen.spamhaus.org,
    reject_unknown_client,
    permit
smtpd_helo_restrictions = permit_mynetworks,
    check_helo_access hash:/etc/postfix/helo_access,
    reject_unauth_pipelining,
    reject_non_fqdn_hostname,
    reject_invalid_hostname,
    warn_if_reject reject_unknown_hostname,
    permit
smtpd_recipient_restrictions = reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_non_fqdn_hostname,
    reject_invalid_hostname,
    permit_mynetworks,
    reject_unauth_pipelining,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_unauth_destination,
    reject_unknown_client,
    permit
smtpd_sender_restrictions = permit_mynetworks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    reject_unknown_address

January 23rd, 2011, 03:46 PM
Contributing User
Actually, this is not how postfix (or any MTA, for that matter) works. The only thing the MTA cares about, in terms of recipients, is what is sent as an envelope RCPT TO. That's it. The message headers are completely ignored in terms of To/From/Cc/Bcc, etc. The MTA just doesn't care, it's just part of the message blob that it sends elsewhere (or delivers locally). It may add headers (like Received) and such, but that's about it. I could do the following:
Code:
$ nc postfix-host.example.com 25
220 postfix-host.example.com ESMTP Postfix
HELO myhostname
250 postfix-host.example.com
MAIL FROM: me@example.net
250 2.1.0 Ok
RCPT TO: joeschmoe@example.com
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
To: abominablesnowman@thenorthpole.com
Cc: user@example.com.ck.this.doesnt.exist,user2@pudding
Subject: testing stuff
this is a test
.
250 2.0.0 Ok: queued as 793FF312
quit
221 2.0.0 Bye
Despite what's in the To and Cc fields in the message headers, that message will only go to one recipient, "joeschmoe@example.com". Postfix (or, again, any MTA) only respects the "RCPT TO:" lines of the SMTP transaction as the recipients it will send to. End of story.
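The envelope/header split described in the reply above, as an added example that is not part of the original thread: it parses one client-side SMTP dialogue and returns the `RCPT TO` recipients separately from the To/Cc/Bcc header addresses. The dialogue is constructed, modelled on the session in that reply, and the function names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Constructed client-side dialogue, modelled on the session quoted in the reply.
SESSION = """\
HELO myhostname
MAIL FROM:<me@example.net>
RCPT TO:<joeschmoe@example.com>
DATA
To: abominablesnowman@thenorthpole.com
Cc: user@example.com.ck.this.doesnt.exist, user2@pudding
Subject: testing stuff

this is a test
.
QUIT
"""

def split_envelope_and_headers(session):
    """Return (envelope_rcpts, header_rcpts) for one client-side SMTP dialogue."""
    envelope, data, in_data = [], [], False
    for line in session.splitlines():
        if in_data:
            if line == ".":                      # end-of-data marker
                in_data = False
            else:                                # undo SMTP dot-stuffing
                data.append(line[1:] if line.startswith(".") else line)
        elif line.upper() == "DATA":
            in_data = True
        else:
            m = re.match(r"RCPT TO:\s*<?([^>\s]+)>?", line, re.I)
            if m:
                envelope.append(m.group(1).lower())
    # Everything sent after DATA is message content; the headers live there.
    msg = message_from_string("\n".join(data))
    hdrs = msg.get_all("To", []) + msg.get_all("Cc", []) + msg.get_all("Bcc", [])
    header_rcpts = [addr.lower() for _, addr in getaddresses(hdrs) if addr]
    return envelope, header_rcpts

def header_only(session):
    """Header addresses with no matching RCPT TO: displayed to readers, not routed."""
    envelope, header_rcpts = split_envelope_and_headers(session)
    return sorted(set(header_rcpts) - set(envelope))
```

A mail client normally issues one `RCPT TO` per address it finds in To/Cc/Bcc before sending, which is why the two lists usually coincide for mail sent from a desktop client.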

January 24th, 2011, 09:33 AM
Registered User
crustymonkey, thank you for your response.
What you are describing (that postfix should ignore the CC/BCC recipients) was exactly what I expected.
However, to my surprise, my test disproved this:
When I ran the telnet example I originally submitted, user1@domain1 and user2@domain2 actually received the test email (note: domain1 and domain2 are different from my domain or validdomain).
Is it possible that something in my configuration allowed this kind of behavior? However, I don't see anything that would do so.
When you say:
"The message headers are completely ignored in terms of To/From/Cc/Bcc, etc. The MTA just doesn't care"
What happens in the following case?
telnet mydomain.com 25
helo mydomain.com
mail from: validuser@mydomain
rcpt to: validaddress@validdomain
data
From: validuser@mydomain
To: validaddress@validdomain
CC: user1@domain1,user2@domain2
Subject: Testing postfix
Message body
The MTA cannot ignore the CC field, because the sender is a valid user in my domain and the MTA should deliver to all CC recipients.
What controls email delivery to CC/BCC recipients in postfix configuration?

January 24th, 2011, 10:03 AM
Contributing User
Read this:
http://www.ietf.org/rfc/rfc2821.txt
Why don't you do an actual telnet/netcat test of that and output the actual results (along with maillogs) showing how your MTA is doing something that postfix does not do by itself. The one that I posted is an actual test that I did. In the posting here, I just manually changed the hostnames and envelope addresses. The message headers and body are *exactly* what I used and the only place that email was even attempted being sent was the envelope RCPT TO.
The only way that is possible is if you had a milter reading the headers and sending mail to the Cc field recips or a header_checks file with similar.
A tip for getting help with postfix that most people don't know. Instead of posting your main.cf file, post the output of "postconf -n". That will show all, non-default, settings.

January 25th, 2011, 10:47 AM
Registered User
I redid the test.
As this forum doesn't let me enter domain names in the post, I had to twist some of the entries.
In my test, I had 3 CCs.
This time, no email was sent to yahoo and hotmail.
But gmx dot com received an email!
I tried different combinations, and gmx always received the email but not the other domains (yahoo, hotmail, etc).
I am at a loss as to how gmx gets an email from this test...
Code:
220 mydomain ESMTP Postfix
helo yahooCOM
250 mydomain
mail from: validaddress@yahooCOM
250 2.1.0 Ok
rcpt to: validaddress@mydomain
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
From: validaddress@yahooCOM
To: validaddress@mydomain
CC: validaddresss@gmxCOM,validaddress@hotmailCOM,validaddress@yahooCOM
Subject: Test email relay via CC
This is a test
.
250 2.0.0 Ok: queued as C98B322CC6
Below is the mail.log
Code:
Jan 25 07:12:12 myserver postfix/smtpd[862]: C98B322CC6: client=myhomeIP
Jan 25 07:12:25 myserver postfix/cleanup[867]: C98B322CC6: message-id=<>
Jan 25 07:12:25 myserver postfix/qmgr[31664]: C98B322CC6: from=<validAddress@yahooCOM>, size=391, nrcpt=1 (queue active)
Jan 25 07:12:25 myserver postfix/local[868]: C98B322CC6: to=<validmailbox@mydomain>, orig_to=<validuser@mydomain>, relay=local, delay=24, delays=24/0.03/0/0.08, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
Jan 25 07:12:25 myserver postfix/cleanup[867]: 5EEBA22F73: message-id=<>
Jan 25 07:12:25 myserver postfix/local[868]: C98B322CC6: to=<validmailbox@mydomain>, orig_to=<validaddress@mydomain>, relay=local, delay=24, delays=24/0.03/0/0.13, dsn=2.0.0, status=sent (forwarded as 5EEBA22F73)
Jan 25 07:12:25 myserver postfix/qmgr[31664]: 5EEBA22F73: from=<validaddress@yahooCOM>, size=539, nrcpt=1 (queue active)
Jan 25 07:12:25 myserver postfix/qmgr[31664]: C98B322CC6: removed
Jan 25 07:12:26 myserver postfix/smtp[870]: 5EEBA22F73: to=<validaddress@gmxCOM>, orig_to=<validuser@mydomain>, relay=mx0.gmx.com[74.208.5.90]:25, delay=0.87, delays=0.12/0.03/0.46/0.26, dsn=2.6.0, status=sent (250 2.6.0 Message accepted {mx-us011})
Jan 25 07:12:26 myserver postfix/qmgr[31664]: 5EEBA22F73: removed
My postconf -n
Code:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
mydestination = mydomain, myserver, localhost.localdomain, localhost
mydomain = mydomain
myhostname = mydomain
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_non_fqdn_hostname, reject_invalid_hostname, permit_mynetworks, reject_unauth_pipelining, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_destination, reject_unknown_client, permit
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = hash:/etc/postfix/virtual
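An added example, not part of the original thread, for reading the mail.log in the post above: it follows Postfix queue IDs through "forwarded as" entries so that each remote (postfix/smtp) delivery is tied back to the queue entry and local recipient that produced it. The log lines are abridged from that post with the poster's placeholders kept; the function name and result keys are hypothetical.

```python
import re

# Abridged from the mail.log in the post above (delays= fields dropped).
LOG = """\
Jan 25 07:12:25 myserver postfix/qmgr[31664]: C98B322CC6: from=<validAddress@yahooCOM>, size=391, nrcpt=1 (queue active)
Jan 25 07:12:25 myserver postfix/local[868]: C98B322CC6: to=<validmailbox@mydomain>, orig_to=<validuser@mydomain>, relay=local, delay=24, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
Jan 25 07:12:25 myserver postfix/local[868]: C98B322CC6: to=<validmailbox@mydomain>, orig_to=<validaddress@mydomain>, relay=local, delay=24, dsn=2.0.0, status=sent (forwarded as 5EEBA22F73)
Jan 25 07:12:25 myserver postfix/qmgr[31664]: 5EEBA22F73: from=<validaddress@yahooCOM>, size=539, nrcpt=1 (queue active)
Jan 25 07:12:26 myserver postfix/smtp[870]: 5EEBA22F73: to=<validaddress@gmxCOM>, orig_to=<validuser@mydomain>, relay=mx0.gmx.com[74.208.5.90]:25, delay=0.87, dsn=2.6.0, status=sent (250 2.6.0 Message accepted {mx-us011})
"""

LINE = re.compile(r"postfix/(\w+)\[\d+\]: ([0-9A-F]+): (.*)")

def trace_remote_deliveries(log):
    """Tie every remote delivery back to the queue entry that first accepted the mail."""
    parent = {}   # forwarded queue ID -> (originating queue ID, recipient that forwarded)
    nrcpt = {}    # queue ID -> envelope recipient count logged by qmgr
    remote = []   # (queue ID, recipient) for deliveries made by the smtp client
    for line in log.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        daemon, qid, rest = m.groups()
        n = re.search(r"nrcpt=(\d+)", rest)
        if n:
            nrcpt[qid] = int(n.group(1))
        to = re.search(r"\bto=<([^>]*)>", rest)          # \b skips orig_to=
        fwd = re.search(r"forwarded as ([0-9A-F]+)", rest)
        if fwd and to:
            parent[fwd.group(1)] = (qid, to.group(1))
        if daemon == "smtp" and to and "status=sent" in rest:
            remote.append((qid, to.group(1)))
    results = []
    for qid, rcpt in remote:
        root, via = qid, None
        while root in parent:                            # walk back to the first queue ID
            root, via = parent[root]
        results.append({"remote_rcpt": rcpt, "root_qid": root,
                        "forwarded_by": via, "root_nrcpt": nrcpt.get(root)})
    return results
```

On these lines the gmx delivery traces back to C98B322CC6, which qmgr logged with nrcpt=1, and was created when postfix/local forwarded the copy for validmailbox@mydomain.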

January 25th, 2011, 09:35 PM
Contributing User
Beyond "validaddress@yahooCOM" being in either aliases or the virtual aliases, I'm at a loss for how you are doing this.