This project is for Postfix experts only please!
We operate multiple L.A.M.P. servers on behalf of our clients and we are encountering numerous attacks on a specific server due to an outdated PHP application on one of our clients' websites. The attacker exploits the client's "Contact Us" form and forces the M.T.A. (Postfix) to send SPAM e-mail to internet users.
Since this server is intended to send e-mail to the hosted domains only, we are comfortable restricting e-mail delivery to a specified list of domains, which in turn rejects any messages sent outside this domain list.
We require a solution that achieves exactly what is mentioned here, using built-in Postfix functions or mechanisms only, with the option of applying the same solution on other servers as well.
Please be aware that we don't require any per USER restrictions, we just need to permit Postfix to send e-mail to the specified domains only and deny any email going elsewhere.
A file ALLOWED_DOMAINS contains [url removed, login to view] [url removed, login to view] [url removed, login to view] , etc.
1. Postfix receives a mail command (from PHP, Telnet, or anywhere)
2. Postfix checks the RECIPIENT e-mail address against ALLOWED_DOMAINS
3. If RECIPIENT matches any of the ALLOWED_DOMAINS => SEND MESSAGE
4. If RECIPIENT does NOT match any of the ALLOWED_DOMAINS => REJECT
Please make sure you understand the project requirements clearly before placing any bids to avoid wasting our time and yours too.
The solution must be WELL documented to allow our webmasters to deploy it accordingly. For security reasons, no access to our servers will be granted under any circumstances.
Thank you for your time and co-operation in advance.
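One way to meet steps 1 to 4 with built-in Postfix mechanisms, shown as an added example that is not part of the original posting: a transport(5) table that leaves allowed domains on their normal route and hands every other recipient domain to the error(8) transport. The file locations, the `hash:` table type and the rejection text are assumptions.

```shell
#!/bin/sh
# Added example: build a Postfix transport(5) table from a domain allowlist.
# Assumed paths: ALLOWED_DOMAINS as input, /etc/postfix/transport as output.
#
# Apply on the server (replaces any existing transport_maps setting):
#   ./build_map.sh ALLOWED_DOMAINS > /etc/postfix/transport
#   postmap /etc/postfix/transport
#   postconf -e 'transport_maps = hash:/etc/postfix/transport'
#   postfix reload

# build_transport_map FILE
# Prints "domain :" (keep the normal route) for each allowed domain, then a
# "*" catch-all that sends every other recipient domain to error(8), which
# returns the message as undeliverable with the given text.
build_transport_map() {
    allowlist=$1
    [ -r "$allowlist" ] || { echo "cannot read $allowlist" >&2; return 1; }

    # Strip comments, split on whitespace, lowercase, and keep only plain
    # DNS names so a stray line cannot inject other table syntax.
    sed -e 's/#.*//' "$allowlist" |
        tr -s ' \t\r' '\n\n\n' |
        tr 'A-Z' 'a-z' |
        grep -E '^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$' |
        sort -u |
        while read -r domain; do
            printf '%s\t:\n' "$domain"
        done
    printf '*\terror:5.7.1 Recipient domain not permitted from this server\n'
}

if [ "$#" -gt 0 ]; then
    build_transport_map "$1"
else
    # Constructed sample allowlist, used when no file is given.
    demo=$(mktemp)
    printf '%s\n' '# constructed sample' 'Example.COM' \
        'example.org  # partner' 'bad domain!' > "$demo"
    build_transport_map "$demo"
    rm -f "$demo"
fi
```

Because transport_maps is consulted for every recipient regardless of how the message was submitted, the catch-all also applies to mail handed over by PHP through the sendmail command. The server's own mail domains must appear in the allowlist too, otherwise local delivery and bounce notices hit the catch-all as well.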