Hi Orly, You need to modify your list :). The regexps will also block legitimate customers on PLDT dsl (which reverse map to: adsl1-nnn.info.com.ph...
These are corporate DSL types with static ip addresses, and should be counted as legitimate smtp servers. FYI Ian On Tue, 8 Jul 2003, Orlando Andico wrote: > > # UCE controls > smtpd_client_restrictions = check_client_access hash:/etc/postfix/access > reject_rbl_client sbl.spamhaus.org > reject_rbl_client relays.ordb.org > reject_rbl_client proxies.relays.monkeys.com > reject_rbl_client proxies.blackholes.easynet.nl > check_client_access regexp:/etc/postfix/clientblocks > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > i have underlined the important addition. > the clientblocks file is below. > > basically if the connecting host has a DNS FQDN which contains the words > below (e.g. "dial" "ppp" "cable" "adsl" etc) then they are automagically > rejected. you wouldn't believe the amount of spam this stops! > > also the following will reject mail from open proxies (no need for a proxy > RBL!) > > smtpd_helo_required = yes > smtpd_helo_restrictions = reject_unauth_pipelining > > > === clientblocks file below === > > # all senders who are using dialup or cable modem > # get thrown out the door > > /[-.]dial/ 550 Use an authorized relay > /dial[-inu.]/ 550 Use an authorized relay > /^dial/ 550 Use an authorized relay > /[-.]ppp/ 550 Use an authorized relay > /ppp[-inu.]/ 550 Use an authorized relay > /^ppp/ 550 Use an authorized relay > /adsl/ 550 Use an authorized relay > /host*pool*/ 550 Use an authorized relay > /\.da\.uu\.net/ 550 Use an authorized relay > /\.du\..*uu\.net/ 550 Use an authorized relay > /client*\.attbi\.com/ 550 Use an authorized relay > /client2*\.attbi\.com/ 550 Use an authorized relay > /client*\.comcast\.net/ 550 Use an authorized relay > /pcp*\.comcast\.net/ 550 Use an authorized relay > /^pc.*\.comcast\.net/ 550 Use an authorized relay > /^bg.*\.comcast\.net/ 550 Use an authorized relay > /smtp*\.rr\.com/ OK > /\.rr\.com/ 550 Use an authorized relay > /pool*verizon\.net/ 550 Use an authorized relay > /dsl*verizon\.net/ 550 Use an authorized relay > /ipt\.aol\.com/ 550 Use an authorized relay > /ipt\.aol\.net/ 550 Use an authorized relay > /client*\.natinst\.com/ 550 Use an authorized relay > /hfep*\.dion\.ne\.jp/ 550 Use an authorized relay > /^CPE*\.cable\.rogers\.com/ 550 Use an authorized relay > /cable\.mindspring\.com/ 550 Use an authorized relay > /dsl\.pipex\.com/ 550 Use an authorized relay > /dsl*\.swbell\.net/ 550 Use an authorized relay > /nr*\.fuse\.net/ 550 Use an authorized relay > /dsl*\.ameritech\.net/ 550 Use an authorized relay > /[0-9]*\.roadrunner\.nf\.net/ 550 Use an authorized relay > /optonline\.net/ 550 Use an authorized relay > /^ip*\.cox.net/ 550 Use an authorized relay > /^cm*\.charter\.com/ 550 Use an authorized relay > /^[0-9]*\.arrival\.net/ 550 Use an authorized relay > /^[0-9]*\.rev\.krline\.net/ 550 Use an authorized relay > /^[0-9]*\.hinet\.net/ 550 Use an authorized relay > /adsl\.*apol\.com\.tw/ 550 Use an authorized relay > /pooles\.rima\-tde\.net/ 550 Use an authorized relay > /adsl*\.worldonline\.dk/ 550 Use an authorized relay > /dsl*\.antwerp\.kpn\.be/ 550 Use an authorized relay > /^ip*\.pacific\.net\.hk/ 550 Use an authorized relay > /cable\.ntl\.com/ 550 Use an authorized relay > /^te*\.transedge\.com/ 550 Use an authorized relay > /^p[0-9]*\.net\.upc\.nl/ 550 Use an authorized relay > /^host*\.alestra\.net\.mx/ 550 Use an authorized relay > /^h*\.covad\.net/ 550 Use an authorized relay > /dsl*\.pacbell\.net/ 550 Use an authorized relay > /dsl*\.solcon\.nl/ 550 Use an authorized relay > /host*\.btopenworld\.com/ 550 Use an authorized relay > /user*\.sprint\-hsd\.net/ 550 Use an authorized relay > /dsl*\.gil\.com\.au/ 550 Use an authorized relay > /dsl*\.info\.com\.ph/ 550 Use an authorized relay > /ip[0-9]*\.pronto\.spb\.su/ 550 Use an authorized relay > /dsl*\.easynet\.co\.uk/ 550 Use an authorized relay > /dsl*\.dslextreme\.com/ 550 Use an authorized relay > /dsl*\.prodigy\.net\.mx/ 550 Use an authorized relay > /[0-9]*\.xo\.net/ 550 Use an authorized relay > /c[0-9]*\.is\.net\.tw/ 550 Use an authorized relay > /s[0-9]*\.tele2\.cz/ 550 Use an authorized relay > /[0-9]*\.isp\.tfn\.net\.tw/ 550 Use an authorized relay > /adsl\.tisnet\.net\.tw/ 550 Use an authorized relay > /adsl\.zonnet\.nl/ 550 Use an authorized relay > /wsip*\.cox\.net/ 550 Use an authorized relay > /dsl\.speakeasy\.net/ 550 Use an authorized relay > /zzz\*splitrock\.net/ 550 Use an authorized relay > /^cpe/ 550 Use an authorized relay > /subscriber/ 550 Use an authorized relay > > /easymailers\.net/ REJECT > /outreachmarketing\.com/ REJECT > /madbrandz\.com/ REJECT > /arcamax\.com/ REJECT > /registeredwinners\.com/ REJECT > /megamailservers\.com/ REJECT > /newfunpages\.com/ REJECT > /postmasterdirect\.com/ REJECT > /offersondemand\.com/ REJECT > /offers/ REJECT > /porn/ REJECT > /freelotto/ REJECT > > -- > Philippine Linux Users' Group (PLUG) Mailing List > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > > -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
