Here's a method I put together but would like some feedback before I actually use it on a production server:
1. Created a template fragement and named it /etc/e-smith/templates-user-custom/.qmail/09AllowOnlyFrom:
{
# vim: ft=perl:
$OUT = "";
die "USERNAME not set." unless defined ($USERNAME);
use esmith::AccountsDB; $adb = esmith::AccountsDB->open_ro or die "Couldn't open AccountsDB";
my $allow_from = $adb->get_prop($USERNAME, 'EmailAllowOnlyFrom') || 'notset';
return "# EmailAllowOnlyFrom is not set for this user"
unless ($allow_from ne 'notset');
$allow_from =~ s/,/\\|/g;
$OUT = "|bouncesaying \"550 mail to \$RECIPIENT not accepted here (#5.1.1)\" test \"\`echo \$SENDER | grep -i -v -e \"" . $allow_from . "\"\`\" != \"\"";
}
2. Ran these commands:
db accounts setprop speedlinelab EmailAllowOnlyFrom @foo.com,@mydomain.com
signal-event email-update
3. This results in the following dot-qmail file in /home/e-smith/file/users/speedlinelab:
#------------------------------------------------------------
# !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at
http://www.contribs.org/development/#
# Copyright (C) 1999-2006 Mitel Networks Corporation
#------------------------------------------------------------
|bouncesaying "550 mail to $RECIPIENT not accepted here (#5.1.1)" test "`echo $SENDER | grep -i -v -e "@foo.com\|@mydomain.com"`" != ""
# sortspam disabled
# Forward not set
./Maildir/
It seems perform properly and block emails from senders that are not in the allow list. I know this method isn't foolproof because senders can spoof the from address.
Does anyone have any thoughts or suggestiosn on this? Perhaps a better way of doing it, security concerns, or potential problems?