This system implements a spamtrap policy daemon for Postfix, allowing for the dynamic blocklisting of email senders based on emails sent to designated spamtrap addresses. It supports Redis and SQLite backends for flexibility in deployment.
- Redis and SQLite Support: Configurable to use either a Redis server or a local SQLite database for storing blocklisted senders.
- Dynamic Blocklisting: Automatically adds senders to a blocklist when they send mail to spamtrap addresses.
- Flexible Integration: Works with Postfix by integrating into the
smtpd_recipient_restrictions
andsmtpd_sender_restrictions
.
- Clone the Repository: Download the scripts to your server.
- Install Dependencies: Ensure Python 3 is installed along with the
redis
andsqlite3
Python libraries. - Configure: Edit
config.py
to set your backend type (redis
orsqlite
), connection details, spamtrap addresses and (optionally) domain whitelisting.
- Backend Type: Choose
redis
for networked solutions orsqlite
for standalone deployments. - Connection Details: Specify host, port, and DB for Redis; database file path for SQLite.
- Spamtrap Addresses: List email addresses used as spamtraps.
- Whitelisting: You can configure a list of domains to whitelist, and optionally enable wildcard subdomain whitelisting for those. See below for more details
The Spamtrap Policy Daemon now supports domain-based whitelisting, allowing you to specify entire domains (and optionally their subdomains) that should be exempt from spamtrap-based blocking. This feature simplifies managing trusted senders, especially for organizations or domains where multiple valid senders are present.
- Whitelist Domains: Specify trusted domains in config.py under WHITELIST_DOMAINS. Emails sent from these domains will not be added to the blocklist, even if they hit a spamtrap address.
- Subdomain Support: By default, the daemon treats each domain literally, not including subdomains. If you wish to include all subdomains of a whitelisted domain, set INCLUDE_SUBDOMAINS to True in config.py. This ensures that emails from any subdomain of the specified domains are also whitelisted.
To configure this feature, update the WHITELIST_DOMAINS and INCLUDE_SUBDOMAINS settings in config.py. This approach is ideal for whitelisting trusted partners, organizations, or your own domains to prevent legitimate emails from being inadvertently blocked.
Start the main_spamtrap_policy.py
and sender_check_policy.py
scripts according to your Postfix configuration. Integrate the policy checks into Postfix's main.cf
:
smtpd_sender_restrictions = check_policy_service inet:127.0.0.1:10667, ...
smtpd_recipient_restrictions = ..., check_policy_service inet:127.0.0.1:10666
- Update Spamtrap Addresses: Modify config.py as needed.
- Convert Backend Data to Postfix Map: Use the conversion script to generate a map file for high-load scenarios, reducing direct backend queries.
Distributed under the GPLv3 License. See LICENSE for more information.