On 5/2/2012 12:53 PM, [email protected] wrote: > > My recently installed Postfix works as I'd hoped; I moved it into full > production as our corporate server yesterday. > > There's one annoyance, and I admit that's all it is, that I'd like to > get rid of. *Noisy* pests. They irritate me. > > I'm interested in what others do in similar circumstance. > > My 'smtpd_recipient_restrictions' includes checks against DNSBLs, e.g. > spamhaus. > > The typical log pattern for a successful block is 5-10 of these: > > May 2 08:13:26 liam postfix/smtpd[17563]: NOQUEUE: reject: RCPT > from 206.pool85-50-110.dynamic.orange.es[85.50.110.206]: 554 > 5.7.1 Service unavailable; Client host [85.50.110.206] blocked > using zen.spamhaus.org; > http://www.spamhaus.org/query/bl?ip=85.50.110.206; > from=<[email protected]> to=<....@......> > proto=ESMTP helo=<livebox> > > within 5 minutes, then another round or few every 4-12 hourse for a > couple of days. I'll end up with 10-100 log entries effectively > documenting the fact that each pest is a pest. > > Postfix does what it's supposed to, and blocks them. > > I'd like to do two things: > > (1) limit log entries for these items with a logical condition:
Not possible within postfix. Maybe rsyslog or similar can filter out unwanted log entries, but I don't think anyone else bothers. That's what other folks use grep for. blocking dnsbl clients with postscreen rather than within smtpd_*_restrictions may reduce some logs. Then you can complain about the postscreen logging. > (2) communicate with a firewall on another box to act according to > similar logic: Fail2Ban can do this. -- Noel Jones
