Question POSTFIX - Is there a way to check Recipient email before it is sent ?

[alexk345]

Scenario

1. Site may be hacked and someone using some form to keep sending email with your email account.
2. Also someone act as email client or hack webmail password and send it .

Most of the cases it will be send from your domain email.

We cant fool proof that.

But i am thinking of dictionary of emails only be recipient. Who ever hacks our system may not know recipient emails

I initially thought virtualbox_alias and Virtualbox_domains are for that. I think they are for incoming emails.

I need something to filter and quarantine any email send from Postfix server.

I am going though all the configuration...i cant figure out. Who can help?

I saw Hook stuff in master.cf. I was able to capture sender and recipient email with regex. Then i have no idea how to make it quarantine and pass.

 

[alexk345]

Postfix Configuration Parameters

Problem is there is no example of how to use them. I am using google search on how people reject.

 

[danami]

The first thing that you should to is set proper outgoing sending limits. That way if an email account is compromised then you can limit the damage that the email account can do before you are alerted:

How to set limitations on outgoing email messages in Plesk

Applicable to: Plesk for Linux Plesk for Windows Question How to set limitations on outgoing email messages in Plesk Answer To manage limitations on outgoing email messages, first log in to Ples...

support.plesk.com

 

[alexk345]

That is throttling. I solved it by going deep into Postfix. Basically now even someone hack my site and found out password of existing users , he cant spam to outside world. It will be rejected at posfix level. even if someone send from outside to our non existant email , it will be rejected and will be taken care of by fail2ban after 3 attempt.

Still few more issue i need to take care off. Basically catch all. NO MORE SPAM from my server.