Re: smtp filter daemon/proxy? - Security

This is a discussion on Re: smtp filter daemon/proxy? - Security ; > My first thought was that if I put a daemon/proxy between the > webpage/php and my postfix server, I could check for high > volume, or lots of messages to xyz@aol.com , etc. and > drop them, call my ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Re: smtp filter daemon/proxy?

  1. Re: smtp filter daemon/proxy?

    > My first thought was that if I put a daemon/proxy between the
    > webpage/php and my postfix server, I could check for high
    > volume, or lots of messages to xyz@aol.com, etc. and
    > drop them, call my cell, etc.


    What if you put the mail server on a different host and also installed some
    intrusion detection system beside it? Might simplify the isolation. You
    don't even need a separate host, you could use User Mode Linux or FreeBSD
    jails for example. Just throwing out ideas.

    > It doesn't look all that hard to change the code to
    > even write the messages to files, put a filespec
    > into a mysql table, and have a separate daemon
    > look in the table.
    >
    > Got pointers to a generic smtp proxy?
    > or other ideas?


    Another thought is, what if you configured the mail server so it does not
    trust any network (even localnet) but rather requires authentication for
    all outgoing mail? I did write a generic SMTP proxy to require SMTP AUTH
    http://www.pc-tools.net/unix/smtpauth/README

    This would force at least all relaying to be done with explicit
    authentication. However, if you have a script with hard coded
    authentication, a spammer could still use that.

    --
    Jem Berkes
    Software design for Windows and Linux/Unix-like systems
    http://www.sysdesign.ca/

  2. Re: smtp filter daemon/proxy?

    Jem Berkes wrote:

    >> My first thought was that if I put a daemon/proxy between the
    >> webpage/php and my postfix server, I could check for high
    >> volume, or lots of messages to xyz@aol.com, etc. and
    >> drop them, call my cell, etc.

    >
    > What if you put the mail server on a different host and also installed
    > some intrusion detection system beside it? Might simplify the isolation.
    > You don't even need a separate host, you could use User Mode Linux or
    > FreeBSD jails for example. Just throwing out ideas.
    >


    NO NO NO

    PHP is not buggy.
    Your SMTP server is not buggy.

    It' the code someone has written in PHP, and/or the design ideas they were
    working from. That's the only place you should be trying to fix this.

    C.

  3. Re: smtp filter daemon/proxy?

    Colin McKinnon wrote:
    > It' the code someone has written in PHP, and/or the design ideas they were
    > working from. That's the only place you should be trying to fix this.


    Fine, now given that one isn't willing or able to
    fix the PHP code, what do your propose as
    a practical solution?


    --
    Pat



+ Reply to Thread