Dan Nicholson wrote:
> On 7/8/06, DJ Lucas <[EMAIL PROTECTED]> wrote:
>
> I'm not sure I'm exactly following you. Are you saying that local mail
> all gets relayed right now?

No. My mail setup is very similar to yours. The network is quite a bit different I'm sure. Way super overkill for a home network, but it was fun designing it, and I learned a lot! Anyway, I think I failed miserably in my explanation because I don't know the proper terminology. So, I'll explain by example. Stay with me...this is really long. :-)

When a valid user sends mail to this server, they must use smtp auth over TLS. Here is a quick session log from a host not part of $mynetworks:

[EMAIL PROTECTED] ~]# telnet mail.lucasit.com 25
Trying 192.168.142.225...
Connected to lucasit.com.
Escape character is '^]'.
220 pinski.lucasit.com ESMTP Postfix
helo name1.lucasit.com
250 pinski.lucasit.com
mail from: [EMAIL PROTECTED]
250 Ok
rcpt to: [EMAIL PROTECTED]
554 <[EMAIL PROTECTED]>: Relay access denied
quit
221 Bye
Connection closed by foreign host.
[EMAIL PROTECTED] ~]#

In this first example, it's going out to the web, but the handshake was initiated with helo (no smtp auth) so relay was denied. Of course, if I had used my mail client, this would have worked, but I don't know how one can do tls by hand (if possible)...I suppose I could disable tls temporarily and use auth plain....heck with it, I think you'll get the idea that auth is required for any relay.

Now, one to a valid mailbox on this server (again no auth). Note also that there is no '[EMAIL PROTECTED]':

[EMAIL PROTECTED] ~]# telnet mail.lucasit.com 25
Trying 192.168.142.225...
Connected to lucasit.com.
Escape character is '^]'.
220 pinski.lucasit.com ESMTP Postfix
helo name1.lucasit.com
250 pinski.lucasit.com
mail from: [EMAIL PROTECTED]
250 Ok
rcpt to: [EMAIL PROTECTED]
450 <[EMAIL PROTECTED]>: Recipient address rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help/lucasit.com.html)
quit
221 Bye
Connection closed by foreign host.
[EMAIL PROTECTED] ~]#

< Waiting for 5 minutes...of course I don't wait...>
< whitelist name1, and restart postgrey >

[EMAIL PROTECTED] ~]# telnet mail.lucasit.com 25
Trying 192.168.142.225...
Connected to mail.lucasit.com.
Escape character is '^]'.
220 pinski.lucasit.com ESMTP Postfix
helo name1.lucasit.com
250 pinski.lucasit.com
mail from: [EMAIL PROTECTED]
250 Ok
rcpt to: [EMAIL PROTECTED]
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: blah blah blah test message
.
250 Ok: queued as 40AAB2630A
quit
221 Bye
Connection closed by foreign host.
[EMAIL PROTECTED] ~]#

Now what I want to see in that last example, as soon as 'mail from:' contains [EMAIL PROTECTED], an immediate disconnect because the client isn't authorized. I suppose a 554 is okay, actually a 554 is better as it's a fatal error. These types of mails account for a good deal of spam, that doesn't need to be scored. It shouldn't even make it through the gate being that I force my users to authenticate over TLS.

Additionally, I'd really like to enhance that rule so that it covers '*lucasit.com*' in the 'mail from:' field. I used to get quite a few with addresses in the from field similar to '[EMAIL PROTECTED]'. Those have fallen to a trickle since greylisting started in my box, but I'm still seeing it a lot in the other mail boxes. Of course, SA catches them, but it shouldn't have to!

Hopefully that explains the end result. Now any idea how the question was supposed to read? :-)

Thanks

-- DJ Lucas
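
Added example, not part of the original post and not code from Postfix or postgrey: the decision the message asks for, written as the core of a Postfix policy delegation service (the same check_policy_service mechanism postgrey plugs into). It generalizes to the '*lucasit.com*' substring case; MYNETWORKS, the function names and the sample request are assumptions constructed for illustration.

```python
import ipaddress

OWN_DOMAIN = "lucasit.com"                    # domain taken from the post
MYNETWORKS = ["127.0.0.0/8", "10.1.0.0/24"]   # assumed trusted networks

def parse_request(text):
    """Parse one policy request: name=value lines ended by a blank line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, _, value = line.partition("=")
        attrs[name] = value
    return attrs

def in_mynetworks(addr, networks=MYNETWORKS):
    """True if the client address falls inside a trusted network."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in ipaddress.ip_network(n) for n in networks)

def decide(attrs, own_domain=OWN_DOMAIN):
    """Return the access action for one request."""
    sender = attrs.get("sender", "").lower()
    # Authenticated users and trusted hosts may use the local domain.
    if attrs.get("sasl_username"):
        return "DUNNO"
    if in_mynetworks(attrs.get("client_address", "")):
        return "DUNNO"
    # Substring match also covers the domain appearing anywhere in the
    # envelope sender, as the post asks for.
    if own_domain in sender:
        return "554 5.7.1 Sender address rejected: authentication required"
    # DUNNO hands the decision to the next restriction (e.g. greylisting).
    return "DUNNO"

def respond(request_text):
    """Build the reply Postfix expects: action line plus a blank line."""
    return "action=%s\n\n" % decide(parse_request(request_text))

# Constructed sample request: unauthenticated outside client claiming
# a local sender address.
SAMPLE = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
          "sender=someone@lucasit.com\nclient_address=203.0.113.7\n"
          "sasl_username=\n\n")
```

The null sender used by bounces yields DUNNO, so delivery status notifications are not affected by this check.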
