Re: how Postfix anti spam configuration works with DNS-based Blackhole List providers

Thu, 22 Oct 2009 08:59:49 -0700 

On 10/22/2009 7:53 AM, Sharma, Ashish wrote:

Hello,

I have setup a Postfix mail server for incoming mails that is required
to never reply to external enviornment i.e it will accept all incoming
mails and never reply anything that can be used as a trace to locate and
verify it's existence.
It's not possible to hide the fact that you're running a mail server.
A port scan will easily and quickly show the existence of your server.
If you're not supposed to be running a mail server, it's far better, easier, and safer to rent a hosted server somewhere else and VPN to it. 



I have implemented the Postfix anti-UCE configuration by using the
following settings in postfix main.cf for countering spam generating
mail servers:

'smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net'

Now i have certain doubts/questions:

   1. How Postfix is able to communicate with Black hole list providers
      i.e How this whole process works?, e.g here they are
      zen.spamhaus.org, bl.spamcop.net, so that i can test the
      performance of whole process.


Postfix does a DNS lookup on the information requested.
For example, "reject_rbl_client zen.spamhaus.org" with a client IP of 1.2.3.4 will generate a DNS lookup of 4.3.2.1.zen.spamhaus.org. This is basically how all DNS-based blacklists work, but all this happens "behind the curtain" and shouldn't really concern you. Google for more in-depth explanations. 


   2. Can a header be added in the received mail regarding the status of
      the results of the above verification process, since i will not
      reply any traces from my incoming mail receiving Postfix server,
      so i need this feature?
If the client is listed in the blacklist, postfix will reject the mail. Nothing is sent out from postfix; the incoming mail is never accepted. The sending server will generate a bounce message to the original sender -- assuming a real mail server and a legitimate sender, not a spambot and/or forged sender. 

But again, trying to hide a mail server is futile.
To accept the mail and add headers to it, you would need a policy server or a content filter such as SpamAssassin. 



Please post relevant links for reference.


http://www.nmap.org
http://postfwd.org/
http://www.ijs.si/software/amavisd/


  -- Noel Jones

Reply via email to