> also sprach Yaroslav Halchenko <[EMAIL PROTECTED]> > [2006.07.11.2133 +0200]: > > [Postfix] enabled = true > Please don't enable it by default. O sure ;-) I just cut pasted what I got from the user, but whenever I plug it in into shipped configuration it will be more manual process since I would need to prepend lines with comments just to comply with format used in the rest of config file...
> > > Not a bad idea; some thoughts: make sure you include the 5xx in the
> > > regexp to ensure that clients that legitimately come back don't get
> > > banned.
> > Didn't get it -- why ligitimate users will have "Recepient address
> > rejected" but will not have 5xx code?
> Local DNS failures and similar stuff, that will make postfix return
> 4xx instead.
May be I got your comment wrong: are you suggesting to block all 5xx
codes?
"Sender address rejected" can be caused by 450 Domain not found...
should not we use it?
And we better just block only limited set of 5xx since there are
legitimate ones such as
552 Requested mail action aborted: exceeded storage allocation
Another point/question is: should I simply rely on codes or symbolic
messages as well?
Most probably it would be better to rely on the codes instead of error
messages themselves since they can change...
Although "Relay access denied" seems to be used in reporting to
multiple error codes, so probably it would be useful to have the string
> > any advantage over 5 failures in 5 minutes? to don't ban ligitimate
> > users abusing the mail server? ;-) I don't think mail server will retry
> > on "unknown recepient" error from the server, or am I wrong?
> See above, but if you include 5xx it should be okay. Anyway, still,
just once again - do you mean include all of 5xx or just provide the
codes for already mentioned in the failregex?
> spammers tend to hammer, so catch them on that.
--
.-.
=------------------------------ /v\ ----------------------------=
Keep in touch // \\ (yoh@|www.)onerussian.com
Yaroslav Halchenko /( )\ ICQ#: 60653192
Linux User ^^-^^ [175555]
pgp14UqwbCs4i.pgp
Description: PGP signature
