PDA

View Full Version : E-mail Whitelisting at the Server Level



twisting_edge
11-14-2006, 04:08 PM
Years ago (1998 or so) I used procmail (the delivery agent used by westhost at the time) to call a perl script whenever an e-mail came in and handle it for me. It was just a sample, and I took it down after a day or two.

I'd like to establish a whitelist on one of my accounts using a similar technique. The account does not receive much e-mail, perhaps 25 messages/day (20 being spam), so I can get a little expensive in my solution.

I want the e-mail to bounce at the server level (not the client level), so the sender does not have to wait for me to next start my client. I just need to bounce the e-mail if they are not on the whitelist, and include directions for getting on the whitelist in the bounce message (which spammers might check for another e-mail address, but will doubtless ignore otherwise). That way, the user can resend the e-mail while the issue is still important for them.

Setting up a web-based form (or subject line password) to get them on the whitelist should be easy. I just need to figure out how to get the delivery agent to call a program and access the same whitelist.

twisting_edge
11-14-2006, 04:52 PM
Update: westhost still uses procmail.

Now, if I can only remember how I pulled that off last time. Solving puzzles like that through trial and error is one of the main reasons I got my own site, however.

Should be fun. Whether or not it will be might be another matter.

wildjokerdesign
11-15-2006, 08:00 AM
Hmmm... You know there is the Auto reply option that WestHost has for email accounts. I have never really explored how it is set up but I wonder if you could somehow use it (modified) to do what you want. On top of that any email alias can be set up via the SiteManager that sends to an application.

Command: The Command alias is used to redirect e-mail sent to an address to a script. This can be useful to send e-mail sent to unsubscribe an address to be automatically removed from your mailing list through the use of a Perl (or other language) script. WestHost does not provide support for scripts of this fashion as long as Perl is functioning properly.

Reference: WestHost Manual (http://members.westhost.com/e-mail-ftp-management.html)

twisting_edge
11-15-2006, 08:36 AM
There's a symbolic link in /etc (note that mine is a very old site and has some legacy stuff in it, so yours may vary) that points to /etc/mail/aliases, I think. That is actually the file where Site Manager inserts your aliases (I tried it), and it looks a lot simpler to use than procmailrc. It also allows things to be redirected to a script, there's a clear example in that file (commented out) pointing to /etc/mail/auto.pl, or a name very similar to that. I think that is the autoresponder script.

Unfortunately, that script does not exist, so I can't use it as an example of what that script will be passed / needs to generate. I assume if I had an autoresponder hooked up (I've never used one either), that script would exist. I'm assuming either the whole message is passed to stdin, or the body is passed to stdin, and the header fields are set in the environment. I'm further assuming it just writes the message to stdout, with the usual header-blankline-body format.

I was distracted for a bit trying to verify out how to bounce the mail. But I killed off a disposable address about four years ago due to spam, and restarted it last night. It is still getting spam (although not quite as much), so I don't think the added feature of sending a valid rejection notice is worth pursuing. On the other hand, I really don't want to be sending a valid response back, which would only encourage far more spam. But my whitelist strategy relies on getting a message back to the sender while they are hopefully still at the kbd.

I think rejection notices are actually sent to mailer-deamon@<originating address>, with the actual rejection notice sent by that program to the sender.

A quick workaround would be to have the filter forward the e-mail to a non-existant address, and let the mailer handle the rejection (that works). The problem with that is the sender might believe they typoed on the address. I suppose I could use sometihng obvious like "whitelist-rejection.<dest address>@<dest domain>". I'm still playing with ways to get the system to do my work for me. That approach wouldn't get my address culled (they'd try to cull the mangled address), but neither would it appear as a valid response.

twisting_edge
11-15-2006, 08:40 AM
Note that I am fairly sure someone has already done precisely what I want. But it will probably be quicker (and will certainly be more educational) to hack it out myself. That sort of goes without saying.

rolling
11-15-2006, 09:56 AM
I think that this should work if you put it in your "~/.procmailrc" file:



:0
* ^TO_requireduser@yourdomain.com
{
# Test if the email's sender is whitelisted
:0:
* ? formail -x"From" -x"From:" -x"Sender:" \
-x"Reply-To:" -x"Return-Path:" -x"To:" \
| egrep -is -f white.lst
/path/to/mailbox

# Bin everything else sent to this user
:0
/dev/null
}

As soon as the first matching and delivering recipe is found, procmail stops processing this email message. Everything else gets sent to the bit bucket.

If you want to bounce the mail, then you would need something like this



:0
* ^TO_requireduser@yourdomain.com
{
# Test if the email's sender is whitelisted
:0:
* ? formail -x"From" -x"From:" -x"Sender:" \
-x"Reply-To:" -x"Return-Path:" -x"To:" \
| egrep -is -f white.lst
/path/to/mailbox

# Bounce unwanted mail
:0 h
* ! ^FROM_DAEMON
* ! ^X-YourDomain: bounced
| ( formail -rt -A "X-YourDomain: bounced; \
echo "Your email address is not on our whitelist. Please go to http://www.mydomain.com/whitelist and subscribe"; \
) | $SENDMAIL -t

# Bin everything else sent to this user (such as bounces)
:0
/dev/null
}


Reference: http://lipas.uwasa.fi/~ts/info/proctips.html#flist

If you want to catch bcc mail, then you will need to modify your sendmail.cf to include the envelope information.

Backup /etc/mail/sendmail.cf and /etc/mail/sendmail.mc
Add these two lines to your /etc/mail/sendmail.mc
HX-Envelope-From: $g
HX-Envelope-To: $u
Execute the command m4 sendmail.mc >sendmail.cf


Alternatively, you can use sendmail to reject the mail before it gets onto your system. Check out http://www.sendmail.org/m4/anti_spam.html#access_db

twisting_edge
11-15-2006, 04:34 PM
I think that this should work if you put it in your "~/.procmailrc" file: <major snip>
Thanks for the tip. I notice I sometimes actually enjoy wading through this sort of thing. It's been a cause for significant worry on my part in the past.

It looks like a potential disaster in the making, just my speed. But it also looks pretty familiar from when I last played with procmail eight years ago. Besides, it's mostly a toy server, and you only live once, right? I should take a little risk. It'll be fun.

I'll want to get my ducks in a row and make sure I understand what the script's doing first, though.

twisting_edge
12-17-2006, 06:31 PM
I finally had some time to tinker with this.

First off, as I expected, the "real" bounce notices do not appear to be sent from the destination server to the sender, but from the sending server to the sending client. I get different styles of bounce notices depending on the outbound server I am using, even when sending to the same invalid address. I cannot find a way to emulate that behavior. I'm not sure it's important, because I've seen an awful lot of bounce notices in the past few days, and a lot of them have the headers almost identical to mine.

Secondly, I accidently left the bounce scripts up, and got a LOT of rejected mail notices. The script as written trashes all bounce notices, including those from mail you actually sent (as opposed to bounce notices from your own bounce notices). You can correct that by changing the "from" line using formail. It's a significant improvement. It allows you to continue to recieve bounce notices from mistyped addresses without getting the ones from your script.

Thirdly, an awful lot of people seem to be doign the same thing I am: the overwhelming majority of the bounce notices I received from the script having sent a notice to a mailbox that is overfull.

I don't know if the spammers will cull an address from an autoresponder (as opposed to a genuine server-to-server bounce). Since so many of the bounce notices I received are also coming from an autoresponder of some kind, it's tough to tell.

If I knew I'd be culled occasionally (even if it is a very slow process), I wouldn't feel so guilty about doing this, as the total volume of e-mail would eventually go down. Without being culled, I'm just going to double the traffic.

Everyone else seems to be doing it in any case (as if that is any excuse). I'm still sort of ambivalent on the idea.