Server :: Sendmail: Block Specific Sender To Specific Recipient?
Oct 1, 2009
I'm trying to configure our mail server to block email from a specific sender reaching a specific recipient. In other words, if one of our employees is getting harassed by a 'stalker', how would one go about blocking, at the MTA (Sendmail) level, a specific sender email address from reaching a particular users inbox? We do not want to capture the email - simply block it before it consumes server resources.The Sendmail server (MTA) is a front end to our Exchange server so no user accounts exist on the Linux server. We simply use it as a SPAM and Virus scanner then forward clean email to the Exchange server.
This seems like a relatively simple question, but I haven't been able to figure it out from the documentation after a couple of hours of searching. I'm running postfix on my mail server, and the vast majority of my spam has the sender address spoofed to match the recipient address. I've got spamassassin up and running, and very little gets through that, so it's not a serious problem, but if possible I would like to be able to reject the mail before it arrives to reduce the system load.
Mail is sent locally via webmail, relaying is denied, so the only way that mail should be sent from the domain is via a connection from localhost. The basic idea I'm thinking of is if the MAIL FROM sender claims to be an address at the receiving domain, but is connected from a remote IP, the mail should be rejected.
We have MS Exchange email server with postfix/amavis on FreeBSD as proxy for anti-spam and anti-virus. We use our own developed CRM and trying to implement such functionality that when CRM manager send email to CRM client or vice versa through email client like Outlook (no plugins for CRM) this message would be shown in CRM. There is already a solution to parse emails from specific emailbox and show it in CRM.
What I need is to create postfix email filter to check if sender email is in file CRM_managers_emails and recipient email is in file CRM_clients_emails then forward that email to [URL] Filter should check both incoming and outgoing messages. I will auto generate CRM_managers_emails and CRM_clients_email files containing all such emails taken from CRM database. I know i should use something like Postfix After-Queue Content Filter but most of examples are for blocking emails.
I configure squid to work with squidGuard , and all thing work properly , but there is problemfirst look to this squidGuard.confdhhome /usr/local/squidGuard/dblogdir /usr/local/squidGuard/log
Through shell script iam sending mail, i want to send mail to multiple recipient,can any one help me how to send mail to multiple recipient.Iam sending mail through the below given in shell script to one recipient.
Is there a way of allowing only certain domain to send e-mails to certain specific e-mail address. I am using Sendmail, and I have an alias which translate to certain members of staff within my organization. I don't expect e-mails from outside our domain to be sent to this alias e-mail address.
I've noticed in my Apache logs a lot of hits to a specific URL on my server. The thing is, the URL is invalid and returns a 404. Every hit has a different Agent ID (things like Windows NT 4 and IE 8, Mac OS and Safari, Windows 7 and Mozilla, etc) and usually a slightly different IP address. If you browse the URL with Chrome/Firefox, it gets reported as potential phishing activity - despite it only returning a 404 error.
I blocked a range of IPs with IPTables which worked for a while, but I can see the IP address has changed again (outside of the range I set) and is generating logs again.
Is it possible to automatically block any IP attempting to access this specific URL?
In Iran there is a famous "access denied page" that redirects you to a strange page with a lot of HTML errors and lol, telling you RTFM about ridiculous Internet laws.I want to filter the contents of the page, because the page IP, URL, ... are all unknown.I don't know much about squid configuration scripts.I can read but cannot write
Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place. I had wrongly assumed that any port NOT specifically listed in one's firewall rules (CentOS 5 with default iptables installation) would be blocked. I thought you had to add a rule to /etc/sysconfig/iptables in order to open up a port. Apparently this is NOT the case. So is it true that if I install some random software that starts listening on any number of ports that I have not specifically mentioned in /etc/sysconfig/iptables that it will not be blocked - it will work right away?
Anyway, I guess two questions: 1) What's a generic way to block a specific port? I use rules like this to "open" ports (although is this not needed if they're open anyway?) -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT What's the analog of this kind of rule to *block* a port? 2) Is there a better way to configure iptables to block all ports that are not mentioned in its configuration? Is that dangerous? (will it block things that I don't want to block?)
block incoming email within either postfix or spamassassin when the sender equals the recipient. The manner in which our mail infrastructure is set up would preclude this from happening. Granted, we do have outside vendors that spoof our domain so we have to allow emails in with our domain as the sender/from. The vendors do not, however, utilize the same sender/recipient when sending emails.
How do I give permission to a logged in user to stop/start a specific service without entering a root/sudo password? So they can do a simple "service SomeService stop|start" It is for a headless Ubuntu server.
I run the openssh daemon on port 22 and have the proftp running on port 21. I would like to block SSH for a specific user.I use proftpd.I would like to prevent the SSH access for this user and leave the FTP working for this user specific.Into /etc/passwd, I tried to change the /bin/bash to /bin/false, but this blocks both SSH and FTP access for this account.
I closed all Internet related apps and the connection persisted. After a reboot it did not reconnect (yet).The IP address appears to belong to esomniture.com - some sort of web analytics company. How do I prevent my computer from connecting to these rascals. I have found a lot of documentation regarding stopping inbound connections to services on my computer but not the other way. I have various filtering addons installed in Firefox however, this connection seems to be at a lower level as no program is specified as being responsible for the connection.
What I want to do is from a file having block like
<event> 8 3 0.2685416E-02 2 -1 0 21 -1 0
[code]...
The first line after the "<event>" is its process-id, so I would like to have at the end a summary of how many "event" block I have for each type, ie how many
6 1 0.2685416E-02
or how many
7 2 0.2685416E-02
etc etc
I do not know in advance how many different-kind of block I will have, so it has to be a bit smart to scan the file, and make an new "summary" info for each unique type I was using something like
I need to search a bunch of files in a specific folder for a specific number and add all the numbers together to a total sum. I use Rsync everyday, everytime I run rsync i get a logfile (rsync output) witch contains the textstring "Total bytes sent: xxxxxx".
The "xxxxx" can vary in lenght. I need to extract the "xxxxxx" from each file and add the numbers together to a total size over a week or a month. Is this possible? And I wish to only use bash. One way of doing stuff at a time my friends .
i have installed redhat 5.3 and install sendmail on it.it is working perfectly fine.my question is|:
(1) can i restrict the sender and receivers email in sendmail?eg. i want to do that i want to allow only particular email addresses to send and receive and all other will be discarded (2) i made aliases for all user but it only receives received mail copy i want both sent and receive mail copy in aliases.
my system I want user1 and only user1 to be able to mount and unmount a specific partition, this partition contains backups and is usually mounted read only, needs to be temporarily mounted read/write by user1 while doing the backup.user1 is an unprivileged user. I've read that the user option will let any user mount the file-system (and only that user can then subsequently unmount it) and that the users option allows any user to mount or unmount the file-system.I also found this in mount's man pageQuote:The owner option is similar to the user option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for /dev/fd if a login script makes the console user owner of this device. The group option is similar, with the restriction that the user must be member of the group of the special file.So it looks like I'd need a login script for that user to make the user owner of the device file (/dev/voiceserv/backup in this case)
I'm looking for a way to redirect e-mail with postfix based on sender AND recipient. What I want: Let's say I have 3 users:
[code]....
and an external address, let`s call it [URL] sends e-mails every day to andy, mark and john Now, MARK and JOHN, need the e-mail sent by [URL], but TOM doesn't need it. Is there a way to redirect ONLY the e-mail sent to TOM from [URL], to some other address, let`s say [URL] without affecting the e-mail received by MARK and JOHN? Unfortunately using SENDER ACCESS redirects ALL e-mail from [URL]
Consider a situation in which you want to display only specific lines of contents from a file or of a command's output. Yes, we have head and tail commands. But, how to view all the lines of a file except the last one or vise versa when we don't know the count of lines in advance?
Here, I don't want the last line (in italic) to be included in the result since the last line is due to "grep bash" in the devised command "ps au | grep bash". Well, we can rewrite the devised command:
Quote:
"ps au | grep bash | head -n 2"
But, again, here we are specifying the count of lines to be included. But, in the presented problem we don't know any count in advance!
I got one last stop until I've fully configured my Sendmail server. I want the server to verify which address the sender is using when sending mail. Even though authenticated via SMTP AUTH or mailing from an IP listed as RELAY in access.db, the user should not be able to use whichever address he likes.
Ideally, I would like Sendmail to use a file that looks something like this: Username sername@Server.org
where, if logged in with Username, the only accepted sender address is Username@Server.org. As of now, Sendmail just verifies that the sender domain exists and then relays which I don't like. This also applies to a lot of other servers as well... for example in the cases where ISPs have blocked outgoing port 25 and let all their users use their SMTP server. I assume, if they don't use SMTP AUTH which is not the case where I am, that they have their entire IP range listed as RELAY and therefore, using my ISPs SMTP when in their net, I can send mail as whomever I like as long as the sender domain exists.
I've had a look at filters but haven't found any suitable and I assume that this might be realised through a Ruleset or something. What do you think? Have I missed something making this a really stupid suggestion or am I on to something? It would make my day
I want to record an internet radio station starting at 2:00am tomorrow morning. The specific program on the radio station lasts until 6:00am. The command I need to run to record the station is: Code:mplayer http://wjcu.jcu.edu:8001/listen.pls -ao pcm:file=indie_heat_of_the_night.wav -vc dummy -vo nullI'd use cron, but 1. I'm not sure how to and 2. it seems unnecessarily complicated for something that I only want to run once. If cron is the only/easiest solution, I guess I'll just have to resort to that, but I'd rather not.
I want to block a domain name in sendmail server. I added the domain name and "REJECT"in /etc/mail/access file. What has to be done for the changes to take effect? when i run make command in /etc/mail dir i get following error : make: Nothing to be done for `all'.
