From LedHed's Wiki

Latest revision as of 14:37, 3 April 2007

The following information can be used to protect an email account in such a way that only messages from whitelisted (approved) senders will be accepted.
This is great for email accounts for young children.

All of this information was derived from: A child-safe SMTP whitelist with Postfix and MySQL (http://hardware.newsforge.com/article.pl?sid=04/12/02/1728210&tid=126)
Special thanks to Scott Merrill for his excellent HowTo.


Postfix MySQL Maps

Create two files in /etc/postfix so that Postfix can query MySQL:

protected_users.cf

dbname = mail
hosts = localhost
user = postfix
password = ********
table = protected_users
select_field = class
where_field = recipient

whitelist.cf

dbname = mail
hosts = localhost
user = postfix
password = ********
table = whitelist
select_field = action
where_field = sender


NOTE: Make sure that these files are NOT world-readable, because they contain the MySQL login and password!

chmod 640 protected_users.cf whitelist.cf


Main.cf

Edit /etc/postfix/main.cf with your favorite editor.

SMTPD_RECIPIENT_RESTRICTIONS

Add this line to the smtpd_recipient_restrictions section.

check_recipient_access mysql:/etc/postfix/protected_users.cf

SMTPD_RESTRICTION_CLASSES

Create a restriction class. Add these lines anywhere in main.cf:

smtpd_restriction_classes = whitelist
whitelist = check_sender_access mysql:/etc/postfix/whitelist.cf, reject


MySQL

Create the two tables needed by Postfix.

Protected Users Table

CREATE TABLE `protected_users` (
`recipient` VARCHAR( 50 ) NOT NULL ,
`class` VARCHAR( 10 ) NOT NULL,
UNIQUE ( `recipient` )
);

Whitelist Table

CREATE TABLE `whitelist` (
`sender` VARCHAR( 50 ) NOT NULL ,
`action` VARCHAR( 2 ) NOT NULL ,
UNIQUE ( `sender` )
);

The SELECT, INSERT, and DELETE privileges must be granted to whichever user will be accessing these tables.
Use the following MySQL statements as an example (GRANT accepts only one table per statement).

GRANT SELECT,INSERT,DELETE ON mail.protected_users TO SomeUser@localhost IDENTIFIED BY '********';
GRANT SELECT,INSERT,DELETE ON mail.whitelist TO SomeUser@localhost;

Obviously SomeUser = the MySQL user that you will be using to connect to the database and ******** = the password for this user.
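
The lookup chain configured above, modelled as an added example (not from the original page or from Scott Merrill's HowTo): the recipient is looked up in protected_users, and if the class is whitelist the sender must have an OK row in whitelist, otherwise the message is rejected. Assumptions: in-memory SQLite stands in for MySQL, all addresses are constructed, the row values 'whitelist' and 'OK' are what the tables are assumed to hold, and the function names are hypothetical.

```python
import sqlite3

# Schema as on the page; every row below is constructed sample data.
SCHEMA = """
CREATE TABLE protected_users (recipient VARCHAR(50) NOT NULL,
  class VARCHAR(10) NOT NULL, UNIQUE (recipient));
CREATE TABLE whitelist (sender VARCHAR(50) NOT NULL,
  action VARCHAR(2) NOT NULL, UNIQUE (sender));
INSERT INTO protected_users VALUES ('kid@example.org', 'whitelist');
INSERT INTO whitelist VALUES ('grandma@example.net', 'OK');
INSERT INTO whitelist VALUES ('school.example', 'OK');
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def lookup(db, table, select_field, where_field, key):
    # Query shape implied by table / select_field / where_field in the .cf files.
    # Identifiers are fixed config; the untrusted address is bound as a parameter.
    sql = f"SELECT {select_field} FROM {table} WHERE {where_field} = ?"
    row = db.execute(sql, (key,)).fetchone()
    return row[0] if row else None

def address_keys(addr):
    # Simplified Postfix access-table search order: full address, then domain.
    # (Real Postfix also tries parent domains and "user@"; omitted here.)
    # The empty envelope sender of bounces is looked up as "<>" by default.
    addr = addr.lower() or "<>"
    return [addr, addr.rpartition("@")[2]]

def first_hit(db, table, select_field, where_field, addr):
    for key in address_keys(addr):
        value = lookup(db, table, select_field, where_field, key)
        if value is not None:
            return value
    return None

def decide(db, sender, recipient):
    # check_recipient_access: a hit returns the restriction class name.
    if first_hit(db, "protected_users", "class", "recipient", recipient) != "whitelist":
        return "DUNNO"   # not protected: the remaining restrictions decide
    # whitelist = check_sender_access ..., reject
    if first_hit(db, "whitelist", "action", "sender", sender) == "OK":
        return "OK"
    return "REJECT"      # no whitelist row matched, so the trailing reject fires

if __name__ == "__main__":
    db = build_db()
    for s, r in [("grandma@example.net", "kid@example.org"), ("x@example.com", "kid@example.org")]:
        print(s, "->", r, decide(db, s, r))
```

A whitelist row holding only a domain approves every sender at that domain, and bounce messages (empty envelope sender) to a protected address are rejected unless a "<>" row exists.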