4

We occasionally have customer-provided servers in our technical support and engineering departments. They're isolated on their own VLAN, with strict firewall rules in place to minimize possible bad behavior.

We've found ourselves needing to capture (instead of block) outgoing mail by these machines. Redirecting ports and feeding machines fake MX records is easy. Creating a fake open relay doesn't seem to be. My goal is:

  • Mail to users@ourdomain.com gets relayed upstream (relay_domain = $mydomain and relayhost = $mydomain)
  • Mail to foo@example.com gets captured and forwarded to an email address @ourdomain.com

Things that probably won't work, as answered in other similar questions:

  • BCC maps: I don't want the original mail delivered to the original recipients at all.
  • virtual_alias_maps: The outgoing mails could be to any domain, not just one or two domains.
  • canonical rewriting /^.*$/: Modifies all mail, which isn't what I want. I only want non-relayable mail to be forwarded.

If this isn't possible in postfix, can other MTAs handle the task? It looks like my other obvious choices are sendmail and exim.

Charles
  • It is not difficult to implement that. But why would you? This violates some RFCs. This is nothing I'm going to help you out with. Better block mails not intended to be relayed. – mailq Oct 07 '12 at 13:37
  • 1
    This is inside of a lab / technical support environment. We're trying to prevent mails from (possibly malicious) systems from reaching the internet, while still being able to inspect the content of those mails and know that they're trying to be sent. Meanwhile, we still need the ability to send "real" mail from those machines to ourselves at our normal addresses. – Charles Oct 07 '12 at 15:32

2 Answers

3

Set up smtp-sink -- it is included in Postfix source distribution, but may not be present in binary package.

Charles
sendmoreinfo
  • 1
    Interesting. I could tie the message logging in with a quick script that watches the directory and re-mails selectively... – Charles Feb 17 '13 at 04:51
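
One way to structure the selective re-mailing step mentioned in the comment above, as an added example that is not part of the original answer or of Postfix. It assumes the capture step hands over the raw message plus its envelope sender and recipients; `CAPTURE_RCPT` and the function names are hypothetical.

```python
from email.message import EmailMessage
from email.utils import parseaddr

LOCAL_DOMAIN = "ourdomain.com"              # domain named in the question
CAPTURE_RCPT = "lab-capture@ourdomain.com"  # hypothetical inspection mailbox


def split_recipients(rcpts, local_domain=LOCAL_DOMAIN):
    """Partition envelope recipients into (relay, captured) lists."""
    relay, captured = [], []
    for rcpt in rcpts:
        addr = parseaddr(rcpt)[1]
        # Exact, case-insensitive match on the text after the last "@";
        # look-alikes such as ourdomain.com.evil.example are captured.
        domain = addr.rpartition("@")[2].lower().rstrip(".")
        (relay if domain == local_domain else captured).append(addr)
    return relay, captured


def wrap_captured(raw, sender, captured, capture_rcpt=CAPTURE_RCPT):
    """Build a report that carries the original message as an inert attachment."""
    report = EmailMessage()
    report["From"] = capture_rcpt
    report["To"] = capture_rcpt
    report["Subject"] = "[captured] mail for %d outside recipient(s)" % len(captured)
    # Untrusted envelope data goes in the body only, never into headers.
    report.set_content("Envelope sender: %r\nIntended recipients:\n%s\n"
                       % (sender, "\n".join(repr(r) for r in captured)))
    report.add_attachment(raw, maintype="application", subtype="octet-stream",
                          filename="original.eml")
    return report.as_bytes()


def route(raw, sender, rcpts):
    """Return [(envelope_recipients, message_bytes), ...] to hand to the relay."""
    relay, captured = split_recipients(rcpts)
    deliveries = []
    if relay:
        deliveries.append((relay, raw))                  # unchanged original
    if captured:
        deliveries.append(([CAPTURE_RCPT], wrap_captured(raw, sender, captured)))
    return deliveries


# Constructed sample message and envelope, for illustration only.
SAMPLE = b"From: app@lab.example\r\nTo: foo@example.com\r\nSubject: t\r\n\r\nhello\r\n"
SAMPLE_RCPTS = ["alice@ourdomain.com", "<foo@example.com>",
                "bob@ourdomain.com.evil.example", "Carol@OURDOMAIN.COM"]
```

Each pair returned by `route()` can be passed to `smtplib.SMTP.sendmail()` against the upstream relay, so outside recipients never appear in an outbound envelope.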
0

Use spamhole: https://sourceforge.net/projects/spamhole/

From the website: spamhole is a fake open SMTP relay, intended to stop (some) spam by convincing spammers that it is delivering spam messages for them, when in fact it is not.

Senthil