Category Archives: Froxlor

Filter EMails with python


title: “Filter EMails with python”
date: 2020-07-15T08:53:47
slug: filter-emails-with-python


Have Postfix listen on port 587 (the submission service) and hand every message accepted there to the external filter script /home/filter/filter.py. Add a user “filter” and put the script in that user's home directory.

/etc/postfix/master.cf
smtp inet n - n - - smtpd -v
submission inet n - n - - smtpd
  -o content_filter=filter:dummy
filter unix - n n - 10 pipe
  flags=Rq user=filter null_sender=
  argv=/home/filter/filter.py -f ${sender} -- ${recipient}
#smtps inet n - n - - smtpd
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup

The Filter Script: /home/filter/filter.py

#!/usr/bin/python3

from email.parser import BytesParser
import logging
import sys
from subprocess import Popen, PIPE

logging.basicConfig(level=logging.DEBUG,
                    format='%(asctime)s %(levelname)s %(message)s',
                    filename='/home/filter/content-filter.log',
                    filemode='a')

# Get the CLI arguments. master.cf calls us as:
#   filter.py -f <sender> -- <recipient> [<recipient> ...]
try:
    cli_from = sys.argv[2].lower()
    cli_to = sys.argv[4:]
    logging.debug("To / From : %r" % sys.argv)
except IndexError:
    logging.error("Invalid to / from : %r" % sys.argv)
    sys.exit(69)  # postfix will bounce the mail. retrying bad args won't work

logging.debug("From : %s, to : %r" % (cli_from, cli_to))
# Get the email content from STDIN as bytes, so 8-bit bodies survive unchanged.
content = sys.stdin.buffer.read()
# headersonly=True: parse the headers, keep the body as an opaque payload.
parsed = BytesParser().parsebytes(content, headersonly=True)

# Mails from Jenkins get ticket-system headers and go to a different mailbox.
if parsed.get('X-Jenkins-Job'):
    #logging.debug("email source : %s" % parsed.as_string())
    parsed.add_header('X-noris-Ticket-Queue', 'OSA::AOP::VW')
    parsed.add_header('X-noris-Ticket-Kunde', 'vw-rv-cod')
    parsed.add_header('X-noris-Ticket-Autoreply', 'no')
    parsed.add_header('X-noris-Ticket-AppendKey', 'jenkines-pipelines')
    parsed.add_header('X-noris-Ticket-Type', 'Event')
    parsed.add_header('X-noris-Ticket-Priority', '4')
    parsed.add_header('X-noris-Ticket-Status', 'open')
    parsed.add_header('X-noris-Ticket-Autodispatch', 'Alarming')
    to = "root-manager@noris.de"
else:
    to = "osa-aop-vw-d@noris.de"

content = parsed.as_bytes()
# and let's try reinjecting it into Postfix.
# The command is an argument list (no shell), so the sender is never shell-parsed.
command = ["/usr/sbin/sendmail", "-G", "-i", "-f", cli_from, to]
stdout = b''
stderr = b''
retval = 0
try:
    # Capture stdout/stderr so the log lines below actually contain them.
    process = Popen(command, stdin=PIPE, stdout=PIPE, stderr=PIPE)
    (stdout, stderr) = process.communicate(content)
    retval = process.wait()
    if retval == 0:
        logging.debug("Mail resent via sendmail, stdout: %s, stderr: %s" % (stdout, stderr))
        sys.exit(0)
    else:
        raise Exception("retval not zero - %s" % retval)
except Exception as e:
    print("Error re-injecting via /usr/sbin/sendmail.")
    logging.error("Error resending mail %s -- stdout:%s, stderr:%s, retval: %s" % (e, stdout, stderr, retval))
    sys.exit(75)  # tempfail, we hope.

Securing Postfix & Dovecot


title: “Securing Postfix & Dovecot”
date: 2016-12-09T10:28:25
slug: securing-postfix-dovecot


Create a certificate chain if needed:

cat private/server.crt startssl/sub.class2.server.ca.pem > private/server_with_chain.pem

Test Certificates

openssl s_client -connect localhost:imaps
openssl s_client -connect localhost:143 -starttls imap
openssl s_client -connect localhost:25 -starttls smtp

Result should include:
Verify return code: 0 (ok)
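
A scripted form of the three checks above, as an added example that is not part of the original post: it reads the verify code from the s_client output instead of relying on the exit status. The function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the original post.

# verify_code: read `openssl s_client` output on stdin and print the number
# from the first "Verify return code" line (nothing if the line is missing).
verify_code() {
    sed -n 's/^[[:space:]]*Verify return code: \([0-9][0-9]*\) .*/\1/p' | head -n 1
}

# check_tls HOST:PORT [s_client options...]
# s_client completes the handshake even when verification fails, so its exit
# status is not enough; the verify code has to be read from the output.
check_tls() {
    target=$1
    shift
    code=$(openssl s_client -connect "$target" "$@" </dev/null 2>/dev/null | verify_code)
    if [ "$code" = "0" ]; then
        echo "OK   $target"
        return 0
    fi
    echo "FAIL $target (verify return code: ${code:-none})"
    return 1
}

# check_all: the three listeners tested above; returns the number of failures.
check_all() {
    failed=0
    check_tls localhost:imaps || failed=$((failed + 1))
    check_tls localhost:143 -starttls imap || failed=$((failed + 1))
    check_tls localhost:25 -starttls smtp || failed=$((failed + 1))
    return "$failed"
}
```

Call `check_all` on the mail server. A verify code of 0 says the chain is trusted, not that the certificate matches the host name.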

Check Certificate Details

echo | openssl s_client -showcerts -servername gnupg.org -connect asanger.biz:443 2>/dev/null | openssl x509 -inform pem -noout -text

Test Postfix SSL Certificate


title: “Test Postfix SSL Certificate”
date: 2016-08-26T14:40:55
slug: test-postfox-ssl-certificate


openssl s_client -starttls smtp -crlf -connect mx.test.net:465

With CA file:

openssl s_client -CAfile cert_kubernetes_new/ca.pem -starttls smtp -crlf -connect mx.test.net:465

Relayhost with only one Relay


title: “Relayhost with only one Relay”
date: 2016-08-25T19:39:32
slug: relayhost-with-only-one-relay


Setup Relay Host Port and SMTP Authentication Client in Postfix

JUNE 21, 2008 BY WINGLOON

This setup will help you to route all outgoing email through your ISP's SMTP server using a different port number, where that SMTP server requires you to authenticate before relaying. For this scenario, the ISP SMTP server is Exim.

  1. Edit the file /etc/postfix/main.cf and add relayhost, pointing to your ISP SMTP server with its port number:

relayhost = mail.example.com:2525

  2. Add the next parameter to allow Postfix to authenticate before relaying outgoing email:

smtp_sasl_auth_enable = yes

  3. Add the following line to map the authentication information:

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

  4. Then add the next parameter to force Postfix to use AUTH LOGIN:

smtp_sasl_mechanism_filter = login

  5. Create a file /etc/postfix/sasl_passwd and put the authentication information in it:

mail.example.com username@example.com:password

  6. Next, run the following command to create the lookup table:

postmap /etc/postfix/sasl_passwd

  7. Then restart your Postfix service:

service postfix restart

Relayhost with authentication


title: “Relayhost with authentication”
date: 2016-08-18T15:11:43
slug: relayhost-with-authentication


vi /etc/postfix/sender_relay
support@domainvalley.de [smtprelaypool.ispgateway.de]

vi /etc/postfix/sasl_passwd
@domainvalley.de support@domainvalley.de:PASSWORD

postmap /etc/postfix/sender_relay
postmap /etc/postfix/sasl_passwd

/etc/postfix/main.cf

smtp_sender_dependent_authentication = yes
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_relay
smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd
smtp_sasl_auth_enable=yes
smtp_sasl_security_options = noanonymous
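
Both relay setups above (the single relayhost and the sender-dependent one) keep the relay password in /etc/postfix/sasl_passwd and send it via SASL, so file permissions and enforced TLS are worth checking. The audit below is an added example, not part of the original posts; the function names and the constructed demo files are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the original posts: audit a Postfix SASL relay setup.

# perms_private FILE: true if FILE grants nothing to group and other.
perms_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# cf_value MAIN_CF NAME: print the last value assigned to NAME.
# On a live system `postconf -h NAME` gives the effective value instead.
cf_value() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# audit_relay MAIN_CF SASL_PASSWD: print findings, return how many there are.
audit_relay() {
    findings=0
    for f in "$2" "$2.db"; do
        if [ -e "$f" ] && ! perms_private "$f"; then
            echo "FINDING: $f is accessible to group/other; chmod 600 it"
            findings=$((findings + 1))
        fi
    done
    if [ "$(cf_value "$1" smtp_sasl_auth_enable)" = "yes" ]; then
        case "$(cf_value "$1" smtp_tls_security_level)" in
            encrypt|dane-only|fingerprint|verify|secure) ;;
            *)  echo "FINDING: SASL is on but smtp_tls_security_level does not require TLS"
                findings=$((findings + 1)) ;;
        esac
    fi
    return "$findings"
}

# demo: constructed files shaped like the second post, world-readable on purpose.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'smtp_sasl_auth_enable=yes' \
        'smtp_sasl_password_maps=hash:/etc/postfix/sasl_passwd' > "$d/main.cf"
    printf '%s\n' '@example.org user@example.org:PLACEHOLDER' > "$d/sasl_passwd"
    chmod 644 "$d/sasl_passwd"
    audit_relay "$d/main.cf" "$d/sasl_passwd"
    rc=$?
    rm -rf "$d"
    return "$rc"
}
```

On a real host run `audit_relay /etc/postfix/main.cf /etc/postfix/sasl_passwd`. If the server also delivers directly to other domains, a per-destination smtp_tls_policy_maps entry for the relay is the alternative to a global encrypt level.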

When incoming mails are no longer scanned


title: “When incoming mails are no longer scanned”
date: 2015-08-22T10:43:17
slug: wenn-eingehende-mails-nicht-mehr-gescannt-werden


vi /var/lib/spamassassin/spamd.log

If it contains entries like this:
Sat Aug 22 11:38:31 2015 [17318] warn: spamd: unauthorized connection from localhost [127.0.0.1] at port 48960 at /usr/sbin/spamd line 1274.

Check which IP address is sending to spamd:

tcpdump -i any -n port 783

Then enter that address in

/etc/default/spamassassin

(after -A)

Example:

OPTIONS="-A 127.0.0.1 --create-prefs --max-children 5 --username debian-spamd --helper-home-dir ${SAHOME} -s ${SAHOME}spamd.log"
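
To see which clients spamd is refusing and whether they are already covered by -A, the log can be summarised per source address. This is an added example, not from the original post; the function names are the example's own and the sample log lines after the first are constructed.

```shell
#!/bin/sh
# Added example, not from the original post.

# rejected_sources: read spamd.log on stdin, print "<count> <ip>" per refused client.
rejected_sources() {
    sed -n 's/.*spamd: unauthorized connection from [^[]*\[\([^]]*\)\] at port.*/\1/p' |
        sort | uniq -c | sort -rn | awk '{ print $1, $2 }'
}

# allowed_ips OPTIONS_LINE: print the entries of the -A list, one per line.
# Only the short form "-A a,b,c" is parsed here.
allowed_ips() {
    printf '%s\n' "$1" |
        sed -n 's/.*[[:space:]"]-A[[:space:]]*\([^[:space:]"]*\).*/\1/p' | tr ',' '\n'
}

# unlisted_sources OPTIONS_LINE: refused clients (stdin) not literally in -A.
# Network entries such as 10.0.0.0/8 are compared as strings, not expanded.
unlisted_sources() {
    allowed=$(allowed_ips "$1")
    rejected_sources | while read -r count ip; do
        printf '%s\n' "$allowed" | grep -qxF -- "$ip" || echo "$count $ip"
    done
}

# Constructed sample: line 1 is the entry quoted above, the others are made up.
sample_log() {
    cat <<'EOF'
Sat Aug 22 11:38:31 2015 [17318] warn: spamd: unauthorized connection from localhost [127.0.0.1] at port 48960 at /usr/sbin/spamd line 1274.
Sat Aug 22 11:38:40 2015 [17318] warn: spamd: unauthorized connection from localhost [127.0.0.1] at port 48962 at /usr/sbin/spamd line 1274.
Sat Aug 22 11:39:02 2015 [17318] warn: spamd: unauthorized connection from mail.example.net [192.0.2.10] at port 51000 at /usr/sbin/spamd line 1274.
Sat Aug 22 11:39:05 2015 [17318] info: spamd: clean message (0.1/10.0) for debian-spamd:111 in 0.3 seconds, 900 bytes.
EOF
}

# With 127.0.0.1 already in -A, only 192.0.2.10 is reported.
sample_log | unlisted_sources 'OPTIONS="-A 127.0.0.1 --create-prefs --max-children 5"'
```

Only add an address to -A when you recognise it as one of your own mail hosts; an unfamiliar source means something else can reach port 783.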

Dovecot & Sieve


title: “Dovecot & Sieve”
date: 2014-11-18T22:12:06
slug: dovecot-sieve


Install dovecot-managesieved and dovecot-sieve

apt-get install dovecot-managesieved dovecot-sieve
mkdir /var/lib/dovecot/sieve/
vi /var/lib/dovecot/sieve/default.sieve

Create a filter rule that moves mails marked with “X-Spam-Flag” “YES” into the Junk folder

require "fileinto";
if header :contains "X-Spam-Flag" "YES" {
    fileinto "Junk";
}

Compile the rule

sievec /var/lib/dovecot/sieve/default.sieve
chown -R vmail:vmail /var/lib/dovecot

vi conf.d/15-lda.conf
lda_mailbox_autosubscribe = yes
lda_mailbox_autocreate = yes

vi conf.d/90-sieve.conf
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
sieve_global_path = /var/lib/dovecot/sieve/default.sieve
sieve_global_dir = /var/lib/dovecot/sieve/
sieve_after = /var/lib/dovecot/sieve

Spamassassin support


title: “Spamassassin support”
date: 2014-05-23T11:17:47
slug: spamassassin-support


Install SpamAssassin with spamc:

apt-get install spamassassin spamc

In /etc/postfix/master.cf, edit the following line
(add “-o content_filter=spamassassin”; the “-v” can be removed after a successful installation):

smtp inet n - - - - smtpd -v
  -o content_filter=spamassassin

And append at the end:

spamassassin unix - n n - - pipe
  user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Then restart Postfix

/etc/init.d/postfix restart

For spamd, add the following to /etc/default/spamassassin

ENABLED=1
SAHOME="/var/lib/spamassassin/"
OPTIONS="--create-prefs --max-children 5 --username debian-spamd --helper-home-dir ${SAHOME} -s /var/lib/spamassassin/spamd.log"
PIDFILE="${SAHOME}spamd.pid"

Restart SpamAssassin

/etc/init.d/spamassassin restart

Check whether spamd is running

ps aux | grep spamd
root 22759 1.3 0.3 125344 55520 ? Ss 13:26 0:01 /usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir -d --pidfile=/var/run/spamd.pid

The user_prefs file is located in /var/lib/spamassassin/.spamassassin; the following settings can be made there:

Score at which a mail is declared spam:

required_score 10

Do not check certain recipient domains for spam:

all_spam_to *@domain1.de
all_spam_to *@domain2.net

Blacklist certain sender domains:

blacklist_from *@mxkli.com

Spam check using spamcop and spamhaus & whitelist for recipient domains


title: “Spam check using spamcop and spamhaus & whitelist for recipient domains”
date: 2014-05-23T08:15:23
slug: spam-check-mittels-spamcop-und-spamhaus


The following configuration checks incoming mails for spam, but lets everything through to the
recipient domains that are listed in /etc/postfix/whitelist_recipient.

vi main.cf

smtpd_client_restrictions = permit_mynetworks,
    permit_sasl_authenticated,
    check_recipient_access hash:/etc/postfix/whitelist_recipient,
    reject_rhsbl_client blackhole.securitysage.com,
    reject_rhsbl_sender blackhole.securitysage.com,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client blackholes.easynet.nl,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client proxies.blackholes.wirehub.net,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client opm.blitzed.org,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client multihop.dsbl.org,
    permit

vi /etc/postfix/whitelist_recipient

it-asanger.de OK

postmap /etc/postfix/whitelist_recipient

postfix reload