On 01/11/07 18:25 -0400, Adam wrote: > Chris Knadle wrote: > > One favorite are email connections that start off with a HELO/EHLO > > greeting > > that isn't a FQDN as is required by RFC 2821. When I started rejecting > > these > > it cut out 33% of junk email, without having to do any expensive > > computation. > Chris, could you explain how to do this, or point me to someplace that > does? Thanks!
My postfix main.cf includes these lines... 01 smtpd_recipient_restrictions = 02 permit_mynetworks 03 reject_non_fqdn_hostname 04 reject_non_fqdn_sender 05 reject_non_fqdn_recipient 06 reject_unknown_sender_domain 07 reject_unknown_recipient_domain 08 reject_rbl_client list.dsbl.org 09 reject_unauth_destination 10 check_policy_service inet:127.0.0.1:10023 (line numbers added) Line 02 allows anything listed on the $mynetworks peramater, higher in the config file. This lists the IP ranges which are allowed to send mail (and bypass all the other restrictions below it). The specific restriction chris mentioned is there on line 03, and its friends on 04 and 05 do very similar. Line 06 checks to make sure that the sending domain actually has a MX or A record, indicating that domain is at least partially configured to recieve mail back. Line 07 is the same, reverse direction. For use when authorized senders are using a relay. Line 08 is a Relay Block List... an online listing of known spammers IP addresses. Line 09 will kill a message unless either my mailserver is the final destination for that message, or a relay. Line 10 is a part of the greylisting setup. Google for 'postgrey' if you want to check it out; basically it won't allow a remote mailserver to send you a message on the first attempt. The theroy is that only a real mailserver will try again. The theroy works very well in practice. Sendmail can do it if you know regex and M4. AIRC, exim has an example config snipplet somewhere you can activate. -porkchop _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) MHVLS Auditorium Oct 3 - Security and Privacy Nov 7 - Django Python Application Framework
