Re: email filtering with GPG

On Thu, Jun 29, 2006 at 01:32:52PM -0400, Michael W. Oliver wrote:
The more I think about this, the more certain I am that maildrop is the
right place. A user can manage their own .mailfilter configuration to
allow email from whomever they want, but there will still be a GPG
signature xfilter before the final drop to ~/Maildir.

Sorry if I wasted anyone's time with this thread, I am feeling good
about using maildrop's xfilter now... unless I hear something different.

The advantage of doing it in the MTA is that you can respond to the incoming
mail with a 5xx response and properly reject it.

If you do this after receiving the mail, either you will blackhole the
message (i.e. neither the sender nor the recipient will know that a mail has
gone missing), or you will have to create a send a bounce message, which
will be collateral spam if the incoming mail is a spam with a forged return
address.

I don't know if Postfix can filter at this point, but Exim certainly can.

Another strategy to consider, if all the mail servers are under your
control, is to require SMTP with TLS and valid certificates, and reject all
non-TLS mail.

Your GPG approach would be better if the clients are sending outbound mail
through random ISP smarthosts; but I'd argue that clients should be using
*your* mailservers as smarthosts, using the message submission service (port
587) and SMTP AUTH to enter mails into the system. With each of the
mailservers talking SMTP-TLS to each other, you have a closed and secure
mail network, but also the option of adding certain other authorised sources
of mail in the future if you wish.

Regards,

Brian.
_______________________________________________
freebsd-isp@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@xxxxxxxxxxx"