From LedHed's Wiki
Latest revision as of 14:37, 3 April 2007

The following information can be used to protect an email account in such a way that only messages from whitelisted (approved) senders will be accepted.
This is great for email accounts for young children.

All of this information was derived from: A child-safe SMTP whitelist with Postfix and MySQL (http://hardware.newsforge.com/article.pl?sid=04/12/02/1728210&tid=126)
Special Thanks to Scott Merrill for his excellent HowTo.


Postfix MySQL Maps

Create two files in /etc/postfix so that Postfix can query MySQL.

protected_users.cf

dbname = mail
hosts = localhost
user = postfix
password = ********
table = protected_users
select_field = class
where_field = recipient

whitelist.cf

dbname = mail
hosts = localhost
user = postfix
password = ********
table = whitelist
select_field = action
where_field = sender


NOTE: Make sure that these files are NOT world-readable, because they contain the MySQL login and password!

chmod 640 protected_users.cf whitelist.cf


Main.cf

Edit /etc/postfix/main.cf with your favorite editor.

SMTPD_RECIPIENT_RESTRICTIONS

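Add this entry to the smtpd_recipient_restrictions list. The check_recipient_access keyword tells Postfix to look up the recipient address in the map.

check_recipient_access mysql:/etc/postfix/protected_users.cf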

SMTPD_RESTRICTION_CLASSES

Create a restriction class. Add these lines anywhere in main.cf

smtpd_restriction_classes = whitelist
whitelist = check_sender_access mysql:/etc/postfix/whitelist.cf, reject


MySQL

Create the 2 tables needed by postfix.

Protected Users Table

CREATE TABLE `protected_users` (
`recipient` VARCHAR( 50 ) NOT NULL ,
`class` VARCHAR( 10 ) NOT NULL,
UNIQUE ( `recipient` )
);

Whitelist Table

CREATE TABLE `whitelist` (
`sender` VARCHAR( 50 ) NOT NULL ,
`action` VARCHAR( 2 ) NOT NULL ,
UNIQUE ( `sender` )
);

The SELECT, INSERT, and DELETE privileges must be granted to whichever user will be accessing these tables.
GRANT accepts one table per statement, so use one statement for each table, as in the following example.

GRANT SELECT,INSERT,DELETE ON mail.protected_users TO SomeUser@localhost IDENTIFIED BY '********';
GRANT SELECT,INSERT,DELETE ON mail.whitelist TO SomeUser@localhost;

Obviously SomeUser = the MySQL user that you will be using to connect to the Database and ******** = the password for this user.
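
The page does not show what rows go into the two tables or how the two lookups combine, so the following added example (not from this page or the original HowTo) models that decision flow. It assumes an in-memory SQLite database standing in for MySQL, constructed placeholder addresses, a class value of 'whitelist' (the restriction class name from main.cf) and an action value of 'OK'. It models only exact-address matches.

```python
import sqlite3

def build_db():
    """SQLite stand-in for the MySQL 'mail' database (assumption for this demo)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE protected_users (recipient VARCHAR(50) NOT NULL UNIQUE,
                                      class VARCHAR(10) NOT NULL);
        CREATE TABLE whitelist (sender VARCHAR(50) NOT NULL UNIQUE,
                                action VARCHAR(2) NOT NULL);
        -- Constructed sample rows; the addresses are placeholders.
        INSERT INTO protected_users VALUES ('kid@example.org', 'whitelist');
        INSERT INTO whitelist VALUES ('grandma@example.net', 'OK');
    """)
    return db

def lookup(db, table, select_field, where_field, key):
    """Mirror the query described by a map file:
    SELECT select_field FROM table WHERE where_field = key.
    Identifiers are fixed strings from the .cf files; only the key is bound."""
    row = db.execute(
        f"SELECT {select_field} FROM {table} WHERE {where_field} = ?",
        (key.lower(),),  # simplification: compare addresses in lower case
    ).fetchone()
    return row[0] if row else None

def decide(db, sender, recipient):
    """Return 'OK', 'REJECT', or 'DUNNO' (no match; later restrictions decide)."""
    # Step 1: protected_users.cf maps the recipient to a restriction class.
    cls = lookup(db, "protected_users", "class", "recipient", recipient)
    if cls != "whitelist":
        return "DUNNO"  # recipient is not protected by this class
    # Step 2: whitelist = check_sender_access mysql:.../whitelist.cf, reject
    action = lookup(db, "whitelist", "action", "sender", sender)
    return "OK" if action == "OK" else "REJECT"

if __name__ == "__main__":
    db = build_db()
    cases = [
        ("grandma@example.net", "kid@example.org"),     # approved sender
        ("stranger@example.com", "kid@example.org"),    # not on the whitelist
        ("stranger@example.com", "parent@example.org"), # unprotected recipient
    ]
    for sender, recipient in cases:
        print(f"{sender} -> {recipient}: {decide(db, sender, recipient)}")
```
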