- smtp filter daemon/proxy?
- Pat Farrell
November 23, 2005, 8:38 pm
as it was reasonably solid, no relaying, etc. I think
one of the php pages had an email-able form that could be
mail-injected. Not sure, but that's the best I can tell from the
Anyway, the ecommerce site on my server really needs some outgoing
email ability, confirmation of orders, etc. Probably
no more than one or two an hour.
So I've been doing the obvious things, getting the
latest versions of PHP and the ecommerce code,
checking the logs, etc.
My first thought was that if I put a daemon/proxy between the
webpage/php and my postfix server, I could check for high
volume, or lots of messages to email@example.com, etc. and
drop them, call my cell, etc.
It doesn't look all that hard to change the code to
even write the messages to files, put a filespec
into a mysql table, and have a separate daemon
look in the table.
Got pointers to a generic smtp proxy?
or other ideas?
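
Added example (not part of the original post): a sketch of the check the post describes for a daemon sitting between the PHP code and postfix, which drops web-generated mail that has too many recipients, exceeds an hourly volume, or repeats one address. The class name, thresholds and sample messages are assumptions made for illustration.

```python
import time
from collections import deque
from email import message_from_string
from email.utils import getaddresses

# Assumed thresholds; the post expects one or two legitimate mails an hour.
MAX_PER_HOUR = 5      # accepted messages per sliding window
MAX_RCPTS = 1         # an order confirmation goes to a single customer
MAX_SAME_RCPT = 3     # accepted messages to one address per window

# Constructed samples: a normal confirmation, and what a mail-injected form
# produces when a CR/LF in a form field smuggles in an extra Bcc header.
LEGIT = "From: shop@example.com\nTo: buyer@example.net\nSubject: Order 1\n\nThanks\n"
INJECTED = ("From: shop@example.com\nTo: buyer@example.net\nSubject: Hi\n"
            "Bcc: a@example.org, b@example.org, c@example.org\n\nspam\n")

class OutboundGate:
    """Decides whether a queued web-generated message may go to the MTA."""

    def __init__(self, window=3600):
        self.window = window
        self.sent = deque()          # (timestamp, recipient) of accepted mail

    def check(self, raw_message, now=None):
        """Return (accept, reason); the caller drops and alerts on False."""
        now = time.time() if now is None else now
        while self.sent and self.sent[0][0] <= now - self.window:
            self.sent.popleft()      # forget mail older than the window
        msg = message_from_string(raw_message)
        fields = [v for h in ("To", "Cc", "Bcc") for v in msg.get_all(h, [])]
        rcpts = {addr.lower() for _, addr in getaddresses(fields) if addr}
        if not rcpts:
            return False, "no recipient"
        if len(rcpts) > MAX_RCPTS:
            return False, "too many recipients"
        if len(self.sent) + len(rcpts) > MAX_PER_HOUR:
            return False, "hourly volume exceeded"
        for rcpt in rcpts:
            if sum(1 for _, r in self.sent if r == rcpt) >= MAX_SAME_RCPT:
                return False, "repeated recipient"
        self.sent.extend((now, r) for r in rcpts)
        return True, "ok"
```

Rejected messages are not counted against the window, so a burst of injected mail does not block later legitimate confirmations; the returned reason is what an alerting hook would report.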
Re: smtp filter daemon/proxy?
What if you put the mail server on a different host and also installed some
intrusion detection system beside it? Might simplify the isolation. You
don't even need a separate host, you could use User Mode Linux or FreeBSD
jails for example. Just throwing out ideas.
Another thought is, what if you configured the mail server so it does not
trust any network (even localnet) but rather requires authentication for
all outgoing mail? I did write a generic SMTP proxy to require SMTP AUTH
This would force at least all relaying to be done with explicit
authentication. However, if you have a script with hard coded
authentication, a spammer could still use that.
Software design for Windows and Linux/Unix-like systems