Postfix IPv6 + SPF (sender policy framework)

Even though spammers may not have thought to forge email from this domain yet, I'm publishing an SPF TXT record in DNS.

# dig txt ipv6.kutukupret.com +short
"v=spf1 ip6:2001:470:19:13c::2 -all"

I don't even know who's going to validate my SPF record anyway 😀 But for the sake of my curiosity, I'm continuing to develop SPF on my IPv6 Postfix SMTP. First I need to publish the SPF TXT record:

ipv6.kutukupret.com.    86400   IN      SPF     "v=spf1 ip6:2001:470:19:13c::2 -all"

For the scanner, I'm using postfix-policyd-spf-perl, which can be downloaded at http://www.openspf.org/Software

The following Perl version and packages are required for running postfix-policyd-spf-perl:

* Perl 5.6
* NetAddr-IP 4
* Mail-SPF (not Mail-SPF-Query)
* perl-Net-DNS >= 0.65
* perl-Net-IP >= 1.25

Test the postfix-policyd-spf-perl script to make sure it works with an IPv6 address:

# ./postfix-policyd-spf-perl
request=smtpd_access_policy
protocol_state=RCPT
protocol_name=SMTP
helo_name=mx.ipv6.kutukupret.com
queue_id=
instance=71b0.45e2f5f1.d4da1.0
sender=henet@ipv6.kutukupret.com
recipient=hari.h@ipv6.kutukupret.com
client_address=2001:470:19:13c::2
client_name=another.domain.tld

action=PREPEND Received-SPF: pass (ipv6.kutukupret.com: 2001:470:19:13c::2 is authorized to use 'henet@ipv6.kutukupret.com' in 'mfrom' identity (mechanism 'ip6:2001:470:19:13C::2' matched)) receiver=unknown; identity=mailfrom; envelope-from="henet@ipv6.kutukupret.com"; helo=mx.ipv6.kutukupret.com; client-ip="2001:470:19:13c::2"
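The policy exchange tested above, as an added example in Python (not code from the original post or from postfix-policyd-spf-perl): it parses a policy delegation request and evaluates the published record against client_address. It assumes the record contains only ip4, ip6 and all terms; the function names and the REJECT reply text are this example's own.

```python
import ipaddress

SPF_RECORD = "v=spf1 ip6:2001:470:19:13c::2 -all"   # record published above
# Constructed request, trimmed from the test session above; a blank line ends it.
REQUEST = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
           "sender=henet@ipv6.kutukupret.com\n"
           "client_address=2001:470:19:13c::2\n\n")
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def parse_request(text):
    """Read name=value attributes up to the blank line that ends a request."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def check_spf(record, client_address):
    """Evaluate ip4/ip6/all left to right; the first matching term decides."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    client = ipaddress.ip_address(client_address)
    for term in terms[1:]:
        result = QUALIFIERS.get(term[0])
        mech = term[1:] if result else term
        name, _, arg = mech.partition(":")
        if name.lower() == "all":
            return result or "pass"
        if name.lower() not in ("ip4", "ip6"):
            raise ValueError("mechanism outside this example's scope: " + term)
        # Compare as parsed networks, not strings: 13C vs 13c and
        # zero-padded or compressed spellings are the same address.
        net = ipaddress.ip_network(arg, strict=False)
        if net.version == client.version and client in net:
            return result or "pass"
    return "neutral"

def policy_action(request_text, record):
    """Build the reply line a policy service sends back to Postfix."""
    attrs = parse_request(request_text)
    result = check_spf(record, attrs["client_address"])
    if result == "fail":
        return "action=REJECT SPF fail"   # reply text is this example's choice
    return "action=PREPEND Received-SPF: " + result

if __name__ == "__main__":
    print(policy_action(REQUEST, SPF_RECORD))
```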

Postfix IPv6 + sqlgrey

I'm not sure if greylisting is necessary on IPv6 SMTP right now; it seems spammers haven't moved their targets to IPv6 SMTP servers yet. After wandering around for a couple of hours with Google, I've finally found an application that's suitable for my Postfix greylisting. I was using milter-greylist previously, but it seems Postfix didn't have {if_addr} in its milter macros and I have to apply a workaround.

So I decided to use SQLgrey for ease's sake 🙂

Current state

SQLgrey gained the following features since the beginning:

* SQLgrey can withstand a database crash (grey-listing is automatically switched off)
* 3 grey-listing algorithms to choose from
* Support for file-based IP and FQDN whitelists
* Support for fetching up-to-date whitelists from a repository
* Can mail the admin when the database is unavailable
* Auto-whitelists now understand SRS (SPF-aware mail forwarding)
* IPv6 support
* OPTIN / OPTOUT support
* Fine log controls
* Activity reports

How to make Postfix listen on IPv6

By default, Postfix only listens on IPv4 interfaces. This is how to make Postfix listen on both IPv4 and IPv6. This example uses the IPv6 address given by he.net.

In main.cf:

-- others config --
-- snippet --
inet_protocols = ipv4, ipv6
inet_interfaces = 127.0.0.1, 192.168.200.18, [::1], [2001:470:19:xxxx::2]
mynetworks = [2001:470:19:xxxx::/64], [::1/128], 127.0.0.1,…

Postfix Change Header From: outgoing mail using altermime

Normally the From: header is filled in with the value from each user's mail client settings.

Example: in Thunderbird, the From: header is filled in from the Your Name: setting.

For official email, the From header can be forced to use the user's name as stored in the Postfix user database, with the help of altermime and a little coding (C and a bash script).

altermime can be downloaded here:

www.pldaniels.com/altermime/

C code (accessing the MySQL database):

Its purpose is to query the "name" field (the email user's full name) in the Postfix database.

Paste this code into a console editor (vi or pico).

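#include <mysql.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_USERNAME 128

int main(int argc, char *argv[]) {
   MYSQL *conn;
   MYSQL_RES *res;
   MYSQL_ROW row;

   char *server = "localhost";
   char *user = "user";
   char *password = "password";
   char *database = "db";
   char escaped[2 * MAX_USERNAME + 1];  /* worst case: every byte escaped */
   char strsql[512];

   if (argc != 2)
   {
       printf("Usage: %s 'string query'\n", argv[0]);
       exit(EXIT_FAILURE);
   }

   /* Bound the input so the escaped copy always fits in its buffer */
   if (strlen(argv[1]) > MAX_USERNAME) {
       fprintf(stderr, "username too long\n");
       exit(EXIT_FAILURE);
   }

   conn = mysql_init(NULL);
   if (conn == NULL) {
       fprintf(stderr, "mysql_init failed\n");
       exit(EXIT_FAILURE);
   }

   /* Connect to database */
   if (!mysql_real_connect(conn, server,
         user, password, database, 0, NULL, 0)) {
      fprintf(stderr, "%s\n", mysql_error(conn));
      mysql_close(conn);
      exit(EXIT_FAILURE);
   }

   /* Escape the command-line argument before it goes into the SQL text,
      so quotes in it cannot change the query (SQL injection) */
   mysql_real_escape_string(conn, escaped, argv[1], strlen(argv[1]));

   snprintf(strsql, sizeof(strsql), "SELECT REPLACE(TRIM(name),'\n','') FROM mailbox WHERE username=TRIM('%s')", escaped);

   /* send SQL query */
   if (mysql_query(conn, strsql)) {
      fprintf(stderr, "%s\n", mysql_error(conn));
      mysql_close(conn);
      exit(EXIT_FAILURE);
   }

   res = mysql_use_result(conn);
   if (res == NULL) {
      fprintf(stderr, "%s\n", mysql_error(conn));
      mysql_close(conn);
      exit(EXIT_FAILURE);
   }

   /* Print the name column; skip rows where it is NULL */
   while ((row = mysql_fetch_row(res)) != NULL)
      if (row[0] != NULL)
         printf("%s\n", row[0]);

   /* Release memory used to store results and close connection */
   mysql_free_result(res);
   mysql_close(conn);
   return 0;
}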