amavisd web interface

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Fri Mar 30 10:41:58 CEST 2012


On Thursday, March 29, 2012 02:58:43 PM Troy Carpenter wrote:
> I've been looking at an easier way to manage white and blacklists first
> globally for my site, then for individual users.  Right now I've moved all
> white/black list configuration to text files in the amavisd template, but of
> course I have to maintain the files myself.
> 
> I'm wondering if anyone has already extended this to make it easier for an
> admin to add/remove entries, as well as extended it on a per user basis.
> Even more, tie it into the kolab web admin interface (probably the best
> place to put that functionality given the number of possible web-based
> clients out there).
> 

Hi Troy,

You cut into a very interesting topic. Let me ponder this out loud for a bit.

A global sender whitelist/blacklist could be implemented in Postfix relatively 
easily, with for example:

  smtpd_sender_restrictions =
      check_recipient_access hash:/etc/postfix/whitelist,
      check_recipient_access hash:/etc/postfix/blacklist

Substitute the hash lookup table for something LDAP, or something SQL, and it 
can be shared between nodes real-time, and perhaps more easily administered.

A more conditional sender whitelist/blacklist on a per-user basis is a little 
more difficult.

Just a little in the sense that we have the kolabAllowSMTPSender in LDAP that 
could be used to this end - but is often used as a mandatory administrative 
policy for a user, and not editable by users themselves. This is implemented 
with the new Kolab SMTP Access Policy[1,2,3]. The downside of this 
implementation may be that it either blacklists the entire mail (for all 
recipients included in the message) or accepts the message for all recipients.

A second solution comes to mind, using Wallace[4] (something entirely new).

I think you are tapping into a third solution, one that could possible be 
implemented on top of Kolab 2.3 as well, and I suppose you are (or could be) 
using the techniques listed at [5,6]?

Could you share some more details on what it is you are doing exactly, to 
implement this?

Kind regards,

Jeroen van Meeuwen

[1] http://docs.kolab.org/en-
US/Kolab_Groupware/2.4/html/Architecture_and_Design/chap-
Architecture_and_Design-Kolab_SMTP_Access_Policy.html
[2] http://wiki.kolab.org/User:Kanarip/Draft:Kolab_SMTP_Access_Policy
[3] http://git.kolab.org/pykolab/tree/bin/kolab_smtp_access_policy.py
[4] http://docs.kolab.org/en-
US/Kolab_Groupware/2.4/html/Architecture_and_Design/chap-
Architecture_and_Design-Kolab_Content_Filters.html#sect-
Architecture_and_Design-Kolab_Content_Filters-The_Wallace_Content_Filter
[5] 
http://www.akadia.com/services/postfix_amavisd.html#Globally%20Sender%20Whitelists%20and%20Blacklists
[6] http://www.akadia.com/services/postfix_amavisd.html#Per-
Recipient%20Sender%20Whitelists%20and%20Blacklists%20%28Maia%20Mailguard%29

-- 
Systems Architect, Kolab Systems AG

e: vanmeeuwen at kolabsys.com
m: +44 74 2516 3817
w: http://www.kolabsys.com

pgp: 9342 BF08
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/users/attachments/20120330/1ecef8a9/attachment.sig>


More information about the users mailing list