Postfix: Whitelist sender SMTP Server in header_checks

Discussion in 'Server Operation' started by ValeriaDeR, Dec 23, 2019.

  1. ValeriaDeR

    ValeriaDeR New Member

    Hi all =)
    I'm new here and pretty desparate ...
    I'm trying to whitelist a SMTP server in my postfix header_checks configuration file. To prevent Phishing mails we reject all external mails to our internal network with our company domain as e-mail address. As we have a webshop which sends order verifications with our company domain as e-mail address we need to whitelist those e-mails. It happens that the sender e-mail addresses change or that there are newly added addresses. Therefore we don't want to whitelist every single e-mail address separately. It'd be much easier to whitelist the webserver sadly it's not working and the e-mails are still being dropped by postfix. The webserver sends e-mails with phpmail().

    Server specifications:
    OS: RHEL7
    Postfix version: 2.10.1

    header_checks:
    Code:
    if /^From:.*\<.*@.*COMPANY.*\..*\>.*/
    /^From:.*WHITELIST_DOMAIN_NAME\.net/                                  DUNNO
    /^Received:.*WHITELIST_DOMAIN_NAME\.net/                              DUNNO
    /.*WHITELIST_DOMAIN_NAME.*/                                           WARN Worked
    /^From:.*@COMPANY.com.*/                                   DISCARD      FAKE ADDRESS
    /^From:.*\<.*@.*COMPANY.*\..*\>.*/                         DISCARD      FAKE ADDRESS AGGRESSIVE
    endif
    Mail Header (as seen as received mail):
    Code:
    [...]
    Received: from WHITELIST_SERVER.WHITELIST_DOMAIN_NAME (WHITELIST_SERVER.WHITELIST_DOMAIN_NAME [WHITELIST_IP_ADDRESS])
    (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
    [...]
    Postfix Logs
    Code:
    Dec 17 16:32:16 MAILSERVER postfix/cleanup[Nr.]: Mail-ID: discard: header From: DISPLAY NAME <[email protected]> from WHITELIST_SERVER.WHITELIST_DOMAIN_NAME[WHITELIST_IP_ADDRESS]; from=<WHITELIST_SERVER.WHITELIST_DOMAIN_NAME> to=<[email protected]> proto=ESMTP helo=<WHITELIST_SERVER.WHITELIST_DOMAIN_NAME>: FAKE ADDRESS
    Thanks in advance for your help =)
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  3. ValeriaDeR

    ValeriaDeR New Member

    Thank you for your reply.
    I think this sadly only works if I'd use blacklists to reject those mails.
    I'm using header_checks to check certain patterns.
    I've tried to implement the rbl_override but sadly the mails are still being rejected:
    Code:
    [[email protected] log]# tail -f maillog | grep -i -E WHITELIST_DOMAIN_ADDRESS
    Dec 23 14:13:52 [...] postfix/smtpd[...]: connect from WHITELIST_DOMAIN_AND_IP_ADDRESS
    Dec 23 14:13:52 [...] postfix/smtpd[...]: Anonymous TLS connection established from WHITELIST_DOMAIN_AND_IP_ADDRESS: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
    Dec 23 14:13:52 [...] postfix/smtpd[...]: [...]: client=WHITELIST_DOMAIN_AND_IP_ADDRESS
    Dec 23 14:13:52 [...] postfix/cleanup[...]: [...]: message-id=<...>
    Dec 23 14:13:52 [...] postfix/cleanup[...]: [...]: discard: header From: Shop Support <[email protected]> from WHITELIST_DOMAIN_AND_IP_ADDRESS; from=<[email protected]_DOMAIN> to=<[email protected]> proto=ESMTP helo=<WHITELIST_DOMAIN>: FAKE ADDRESS
    Dec 23 14:13:52 [...] postfix/smtpd[...]: disconnect from WHITELIST_DOMAIN_AND_IP_ADDRESS
     

Share This Page