Tool to generate postfix virtual map file based on a set of excluded usernames in a domain

build_postfix_virtual.py

#!/usr/bin/env python3

import yaml
import json


POSTFIX_VIRTUAL_FILENAME = '/etc/postfix/virtual'


def get_blocked_domain_string(blocked_domains):
    return '|'.join([x.replace('.', '\.') + '@' for x in blocked_domains])

def get_name(name):
    return name.replace('.', '\.')

def get_virtual_line(name, blocked_domains, recipient):
    return "/^(?!{blocked_domains}).*@{name}$/  {recipient}".format(
        blocked_domains=get_blocked_domain_string(blocked_domains),
        name=get_name(name),
        recipient=recipient)

try:
    with open('build_postfix_virtual.yaml') as f:
        conf = yaml.load(f, Loader=yaml.SafeLoader)
except IOError:
    print("Missing build_postfix_virtual.yaml file")
    exit(1)

new_content = []

with open(POSTFIX_VIRTUAL_FILENAME) as infile:
    content = infile.readlines()

file_updated = False
for line in content:
    line_updated = False
    for address in conf['addresses']:
        print(f'{line.strip()} compared to @{get_name(address["name"])}$/  {address["recipient"]}')
        if line.strip().endswith('@{name}$/  {recipient}'.format(
                name=get_name(address['name']),
                recipient=address['recipient'])):
            virtual_line = get_virtual_line(address['name'],
                                            address['blocked_domains'],
                                            address['recipient'])
            if line.strip() == virtual_line:
                print('No change detected in {name}.'.format(
                    name=address['name']))
            else:
                print('Updating line for {name}'.format(
                    name=address['name']))
                new_content.append(virtual_line + "\n")
                line_updated = True
                file_updated = True
    if not line_updated:
        new_content.append(line)

if file_updated:
    print('Updating file')
    with open(POSTFIX_VIRTUAL_FILENAME, 'w') as outfile:
        for line in new_content:
            outfile.write(line)
else:
    print('No changes, file unmodified.')

build_postfix_virtual.yaml

addresses:
  - name: example.com
    blocked_domains:
      - southernrailway.com
      - store.yahoo.net
      - offthegridsf.com
      - disney.go.com
      - fixya.com
      - fusionbeads.com
      - cb.com
      - dyndns.com
      - alertpay.com
      - bernzilla.com
      - boxee.tv  # pwned
      - beermapping.com
      - myspace.com  # pwned
      - linkedin.com  # pwned
      - dropbox.com  # pwned
      - mydroidworld.com
      - last.fm  # pwned
      - tools.ltb-project.org
      - namecheap.com  # pwned
      - forums.linuxmint.com  # pwned
      - centos.org
      - lendingtree.com
      - craigwatch.com
      - npmjs.org
      - bit.ly  # pwned
      - boingboing.net  # pwned
      - disqus.com  # pwned
      - newrelic.com  # pwned
      - producteev.com
      - armorgames.com  # pwned
      - houzz.com  # pwned
      - whitepages.com  # pwned
      - roll20.net  # pwned
      - livejournal.com  # pwned
      - admin  # Just a common address that spammers guess
      - opensubtitles.org  # Hacked in 2021 : https://forum.opensubtitles.org/viewtopic.php?f=1&p=46835
      - makezine.com  # 2022-05-16 received spam/phishing email implying the email addresses of makezine were compromised
      - plex.tv  # 2022-08-24 Plex hacked, email leaked
      - covr.sos.ca.gov
    recipient: jdoe@gmail.com
  - name: example.org
    blocked_domains:
      - ubnt.com  # 1/11/2021 account breach. 
      - boingboing.net  # pwned
      - disqus.com  # pwned
      - newrelic.com  # pwned
    recipient: alice@gmail.com