Hi all, I just had a viagra spam from gprs4f7a24e6.pool.t-umts.hu (gprs4f7a24e6.pool.t-umts.hu [79.122.36.230] sneak past both of my pcre checks which should have killed it. Until today they've been working flawlessly, or so I believe, and I have ample log entries showing they've been working. Here are my checks, both performed via smtpd_client_restrictions but without explicit check_client_access:
smtpd_client_restrictions = pcre:/etc/postfix/access.pcre, pcre:/etc/postfix/check_client_fqdn.pcre /etc/postfix/access.pcre /^.*?(lv|ec|id|ph|at|hu|tr|ee|pl|ro|my|co|tw|br|za|do|cz|bg|by|kr|jp|fr|cn|ru)$/i 550 We do not accept mail from .$1 domains /etc/postfix/check_client_fqdn.pcre /\.?(dhcp|dialup|dynamic|ppp|pool)\.?/ REJECT Dynamic/DSL/Residential not allowed /\.(dsl|\d+dsl|dsl\d+)\./ REJECT Dynamic/DSL/Residential not allowed Logs show both killing spam yesterday. check_client_fqdn.pcre has already killed some today, but nothing killed by access.pcre yet today. Any idea what's gone awry? Is there a way I can test the offending FQrDNS against these two filters from the command line, with postconf or something? What log data should I be looking for that may tell me why pcre checks suddenly stopped working, or just didn't work on this Hungrian Viagra connection? Disclaimer: Please refrain from subjective comments WRT my blocking of FQrDNS TLDs. I run a very small domain in the U.S. that will very likely never receive legit mail from those countries, but has received spam from them. It's a quick, easy, and effective way to block spam. It may not be "PC" or to your liking, but please accept the fact that it works for me. Thanks. -- Stan