please don't reply off- list
On 1-Sep-2009, at 02:48, nunatarsuaq wrote:
2009/9/1 LuKreme <krem...@kreme.com>:
On 31-Aug-2009, at 08:07, nunatarsuaq wrote:
Aug 30 11:46:28 ghost postfix/smtpd[26223]: connect from
ppp-124-122-30-5.revip2.asianet.co.th[124.122.30.5]
WHy are you accepting mail from an obvious DHCP address?
How to determine and block all dynamic addresses?
Assuming that the address is not caught by zen (and most all of them
are) then there are a number of strategies used that you can find
searching the list archives. This is what I use for postfix.
smtpd_recipient_restrictions =
[ Stuff ]
check_client_access pcre:$config_directory/check_client_fqdn.pcre,
check_recipient_access pcre:$config_directory/recipient_checks.pcre,
check_client_access hash:$config_directory/access,
reject_rbl_client zen.spamhaus.org,
permit
check_client_fqdn.pcre:
/\.?(dhcp|dialup|dynamic|ppp|pool)\.?/ REJECT Dynamic addresses
must use a real mailserver
/\.(dsl|\d+dsl|dsl\d+)\./ REJECT Dynamic DSL
looking address
/([[:digit:]]{1,3}[.-]){3}[[:digit:]]{1,3}/ REJECT Too many numbers in
HELO/EHLO
The first line would have caught that zombie, as would the third.
On 1-Sep-2009, at 14:30, Benny Pedersen wrote:
who says this ip is dynamic, just becurse the hostname look like it
is ?
Erm.... don't be naive. If they can't be bothered to have a better
rDNS then I can't be bothered to get their spam.
--
I said pretend you've got no money, she just laughed and said, 'Eh
you're so funny.' I said, 'Yeah? Well I can't see anyone else
smiling in here.'