CWL / BWL

Tested: 2+ weeks live, test written and passed

Description

The Custom Black List (CBL) and Custom White List (CWL) are per-recipient-domain black- or whitelists. This is basically a re-implementation of Postfix's built-in smtpd_restriction_classes. If you prefer those, use them! The module is provided for the sake of completeness and to offer a single point of configuration. There are various use cases which require these kinds of recipient-domain-based black-/whitelists. If you can’t think of any, you probably don’t need them.

Configuration

use_negative_cache

Default: 0
Allowed values: 0, 1

Cache entries will also be written for negative (‘not-on-the-list’) results, which could produce a lot of cache entries.

tables

Default: empty
Allowed values: array of [ 'ips', 'domains', 'addresses' ]

There are three kinds of tables which can be used for lookups:

  1. ips
    Maps IP addresses to recipient domains. For CBL that would read: block all mails from sender IP a.b.c.d to recipient domain xyz.
  2. domains
    More dangerous than IPs, because sender domains can be forged arbitrarily. For CBL that would read: block all mails from sender domain abc to recipient domain xyz.
  3. addresses
    Same as domains, but on a sender address basis.

Usage Suggestion

Put the CWL in front of the CBL and DNSBL. The CBL can be put before or after DNSBL.

Database

This module uses the database. Here is the SQL example for creating the tables. It is written for SQLite, but should be usable with small or no modifications in most supported RDBMS.

CBL

-- TABLE: cbl_domains (SQLITE):
CREATE TABLE CBL_DOMAINS (sender_domain varchar(255), recipient_domain varchar(255), id INTEGER PRIMARY KEY);

CREATE UNIQUE INDEX CBL_DOMAINS_RECIPIENT_DOMAIN_SENDER_DOMAIN ON CBL_DOMAINS (recipient_domain, sender_domain);

-- TABLE: cbl_addresses (SQLITE):
CREATE TABLE CBL_ADDRESSES (sender_address varchar(255), recipient_domain varchar(255), id INTEGER PRIMARY KEY);

CREATE UNIQUE INDEX CBL_ADDRESSES_RECIPIENT_DOMAIN_SENDER_ADDRESS ON CBL_ADDRESSES (recipient_domain, sender_address);

-- TABLE: cbl_ips (SQLITE):
CREATE TABLE CBL_IPS (client_address varchar(39), recipient_domain varchar(255), id INTEGER PRIMARY KEY);

CREATE UNIQUE INDEX CBL_IPS_RECIPIENT_DOMAIN_CLIENT_ADDRESS ON CBL_IPS (recipient_domain, client_address);

CWL

-- TABLE: cwl_domains (SQLITE):
CREATE TABLE CWL_DOMAINS (sender_domain varchar(255), recipient_domain varchar(255), id INTEGER PRIMARY KEY);

CREATE UNIQUE INDEX CWL_DOMAINS_RECIPIENT_DOMAIN_SENDER_DOMAIN ON CWL_DOMAINS (recipient_domain, sender_domain);

-- TABLE: cwl_addresses (SQLITE):
CREATE TABLE CWL_ADDRESSES (sender_address varchar(255), recipient_domain varchar(255), id INTEGER PRIMARY KEY);

CREATE UNIQUE INDEX CWL_ADDRESSES_RECIPIENT_DOMAIN_SENDER_ADDRESS ON CWL_ADDRESSES (recipient_domain, sender_address);

-- TABLE: cwl_ips (SQLITE):
CREATE TABLE CWL_IPS (client_address varchar(39), recipient_domain varchar(255), id INTEGER PRIMARY KEY);

CREATE UNIQUE INDEX CWL_IPS_RECIPIENT_DOMAIN_CLIENT_ADDRESS ON CWL_IPS (recipient_domain, client_address);
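
How a lookup against these tables can work, with the CWL consulted before the CBL as suggested above. This is an added example, not the module's own code: the function names, the verdict strings (accept, reject, pass), the lower-casing of lookup keys and the sample rows are assumptions made for illustration.

```python
import sqlite3

# Table kind -> (lookup column, column width), as in the CREATE TABLE statements above.
KEYS = {"ips": ("client_address", 39), "domains": ("sender_domain", 255),
        "addresses": ("sender_address", 255)}

def make_db():
    """In-memory SQLite database holding the six CBL_*/CWL_* tables from this page."""
    db = sqlite3.connect(":memory:")
    for lst in ("CBL", "CWL"):
        for kind, (col, width) in KEYS.items():
            name = f"{lst}_{kind.upper()}"
            db.execute(f"CREATE TABLE {name} ({col} varchar({width}), "
                       "recipient_domain varchar(255), id INTEGER PRIMARY KEY)")
            db.execute(f"CREATE UNIQUE INDEX {name}_RECIPIENT_DOMAIN_{col.upper()} "
                       f"ON {name} (recipient_domain, {col})")
    return db

def on_list(db, lst, tables, client_ip, sender, rcpt):
    """Return the first enabled table kind of `lst` with a matching row, else None."""
    rcpt_domain = rcpt.rsplit("@", 1)[-1].lower()   # assumption: keys stored lower-case
    value = {"ips": client_ip, "domains": sender.rsplit("@", 1)[-1].lower(),
             "addresses": sender.lower()}
    for kind in tables:
        col = KEYS[kind][0]  # identifiers come from the fixed KEYS map; values are bound
        hit = db.execute(f"SELECT 1 FROM {lst}_{kind.upper()} "
                         f"WHERE recipient_domain = ? AND {col} = ?",
                         (rcpt_domain, value[kind])).fetchone()
        if hit:
            return kind
    return None

def decide(db, tables, client_ip, sender, rcpt):
    """Consult the CWL first, then the CBL; 'pass' hands over to later checks."""
    for lst, verdict in (("CWL", "accept"), ("CBL", "reject")):
        kind = on_list(db, lst, tables, client_ip, sender, rcpt)
        if kind:
            return (verdict, lst, kind)
    return ("pass", None, None)

def sample_db():
    """Constructed sample rows (documentation IP ranges and .example domains)."""
    db = make_db()
    db.execute("INSERT INTO CBL_IPS (client_address, recipient_domain) VALUES (?, ?)",
               ("192.0.2.10", "example.org"))
    db.execute("INSERT INTO CBL_DOMAINS (sender_domain, recipient_domain) VALUES (?, ?)",
               ("spam.example", "example.org"))
    db.execute("INSERT INTO CWL_ADDRESSES (sender_address, recipient_domain) VALUES (?, ?)",
               ("partner@spam.example", "example.org"))
    return db
```

Because the CWL is checked first, the whitelisted address partner@spam.example is accepted even though its domain is on the CBL; since sender addresses are as forgeable as sender domains, such whitelist rows deserve the same caution as the domains table.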

Example

CBL and CWL

---

disable: 0

use_negative_cache: 1

tables:
    - ips
    - domains
    - addresses

Performance

Runtime: average with empty set 0.001 secs
