[Rspamd-Users] per recipient reject

rspam at padaru.de rspam at padaru.de
Tue Aug 22 09:19:26 UTC 2023 

Hi,

thanks for the reply! Im using Postfix 3.6 on Ubuntu 22 and rspamd 3.4 as milter
. The recipient blocking should be dynamic. For example if i send from "my at mails
erver.com" to "test at example.com" and it gets rejected with "User unknown in virt
ual alias table", i'll feed "test at example.com" (automatically) to a rspamd map f
or multimap "action = reject" and keep it there for x days. When i now sent the
following mail, the complete mail is rejected at the end of DATA:

CLIENT -> SERVER: MAIL FROM:<my at mailserver.com>
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO:<my at mailserver.com>
SERVER -> CLIENT: 250 2.1.5 Ok
CLIENT -> SERVER: RCPT TO:<test at example.com>
SERVER -> CLIENT: 250 2.1.5 Ok
CLIENT -> SERVER: DATA
SERVER -> CLIENT: 354 End data with <CR><LF>.<CR><LF>
CLIENT -> SERVER: Date: Mon, 22 Aug 2023 11:10:37 +0200
CLIENT -> SERVER: To: my at mailserver.com, test at example.com
CLIENT -> SERVER: From: my at mailserver.com
CLIENT -> SERVER: Subject: Testmail
CLIENT -> SERVER: Message-ID:
<yZfPIY7cVuoPXlz24kPCVeq4xdCe6yaRBPKwgwOeA at mailserver.com>
CLIENT -> SERVER: MIME-Version: 1.0
CLIENT -> SERVER: Content-Type: text/plain; charset=iso-8859-1
CLIENT -> SERVER: Content-Transfer-Encoding: quoted-printable
CLIENT -> SERVER:
CLIENT -> SERVER: Test.
CLIENT -> SERVER: .
SERVER -> CLIENT: 554 5.7.1 Custom Reject Message
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 Bye

The multimap rule is the following:

custom_reject {
        type = "rcpt";
        regexp = true;
        filter = "email";
        map = "$CONFDIR/local.d/reject_recipient.map";
        symbol = "reject_recipient";
        prefilter = true;
        action = "reject";
        message = "Custom Reject Message";
}

Is there any way to block RCPT TO with rspamd?

G.W. Haywood via Users schrieb am 21.08.2023 18:50 (GMT +02:00):
> Hi there,
>
> On Mon, 21 Aug 2023, rspam at padaru.de wrote:
>
> > is there a way to isolate one specific recipient out of a
> > multi-recipient mail and only reject this rcpt? I have a multimap
> > rule, that checks for recipient and triggers "action = reject".
> > Currently the complete mail with all recipients is then rejected.
>
> The specifications for the interaction between milters and the Postfix
> and Sendmail MTAs say that if a milter returns REJECT at the envelope
> recipient stage, then only that recipient is rejected; mail processing
> continues with the next command from the client, which can be the next
> recipient or the start of the message data (ignoring for the moment
> things like aborting the transmission altogether). See for example
>
> .../libmilter/docs/overview.html
> .../libmilter/docs/xxfi_envrcpt.html
>
> in the Sendmail documentation (I only really do Sendmail).
>
> Also see
>
> .../libmilter/docs/smfi_delrcpt.html
>
> which explains that during the "end of message" phase you can delete a
> recipient; presumably at the earlier "envelope recipient" stage of the
> SMTP conversation the recipient was accepted, but you can change your
> mind as it were. I do this sort of thing in my own milters but I have
> no idea if anyone else ever does it.
>
> So yes you can certainly do that but I don't know if you can easily do
> it using rspamd. If rspamd can't do it I guess I'd defend it, because
> rspamd is looking for spam - so nobody wants it - and from what you're
> asking it seems like the mail isn't actually spam, you just have picky
> users or something. (I have nothing against picky users, as you might
> have guessed I lean to the picky side myself. :)
>
> There are probably several milters which can address what you want to
> do, but it will help if you can explain in detail under exactly what
> circumstances you want to reject the recipient. If it's just a matter
> of rejecting this one recipient under all circumstances, then you can
> probably do it in the MTA configuration itself. It might be a little
> more tricky if it's not so clear-cut as that. There might be issues
> deciding for example whether or not all the filters are to know that a
> rejected recipient appeared in the recipients list - for example for
> the purposes of spam scoring. Which MTA are you using?
>
> --
>
> 73,
> Ged.
> --
> Users mailing list
> Users at lists.rspamd.com
> [1]https://lists.rspamd.com/mailman/listinfo/users
>
>
>

References

   1. https://lists.rspamd.com/mailman/listinfo/users

More information about the Users mailing list