On Fri, Dec 02, 2005 at 02:23:00AM +0100, mouss wrote: > if you block at IP level, and if sender client is an MTA, it > will retry.
Uh? Only on DEFER (4xx), on REJECTs (5xx) the MTA is not supposed to retry. > To avoid listing ISPs, he could only list those clients wich > name looks dynamic. for instance, restrict to when hostname > matches /\d\d\d-\d/. (I am meaning to limit damages, not to say > that this pattern implies a dynamic client. it is still possible > to have an isp mailer named "outmail-212-3" if it's the 3d > mailer for some "212" block...) That or use reject_rbl_client with proper RBLs. That's actually the same like his idea, but _humanly_ verified (if it is a good RBL). I would very avoid RBLs which use automatic mechanisms unless they are failproof. Spamtraps are not. Alternatively he could use greylisting (by avoiding greylisting real MTAs) or policyd-weight. http://www.postfix.org/addon.html#policy However, an automatic blacklisting out of logs is a very call for trouble. Especially when it comes to forwarders and real MTAs (like ISPs). -- Robert Felber (PGP: 896CF30B) Munich, Germany ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
