Joachim Kieferle wrote:
Sandy Drobic wrote:
Joachim Kieferle wrote:
[RBLs listed]
[... more info about blocking mails]
A lot of spam is rejected by helo checks and greylisting.
Sandy
Hi Sandy,
two questions about that:
1. could you please point to some info about how to implement "helo
checks" (maybe a snippet from the main.cf?) and
/etc/postfix/main.cf:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination
check_client_access hash:/etc/postfix/client_whitelist
reject_invalid_hostname,
reject_non_fqdn_hostname,
check_helo_access hash:/etc/postfix/helo_blacklist
/etc/postfix/client_whitelist:
# put all idiot server here from which you want to accept
# mails despite their stupid admins.
# allowed are ips and server hostnames
# do NOT add sender domains here!!
#
# remember to execute "postmap /etc/postfix/client_whitelist"
# after changing this file!!
#
1.2.3.4 permit_auth_destination
idiotsrv.example.com OK
/etc/postfix/helo_blacklist:
# Put all helo names here that you immediately want to reject,
# for example your own hostname and ip when other servers try
# to impersonate your domain.
#
# remember to execute "postmap /etc/postfix/helo_blacklist"
# after changing this file!!
#
yourdomain.example.com 554 Do not use my name as your HELO!!
11.22.33.44 554 Do not use my ip address as your HELO!!
reject_invalid_hostname blocks HELO that do not use hostnames allowed in DNS.
reject_non_fqdn_hostname blocks HELO that do not have a fully qualified
domain name like "localhost", "friend" etc.
2. is there greylisting available out of the (OpenSuSE 10.2) box?
Not that I am aware of. But Postgrey is not difficult to implement.
Sandy
--
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
