Re: SENDEr-ACCESS exceptions

2018-01-03 Thread 
On 2 Jan 2018, at 10:19, James B. Byrne byrn...@harte-lyne.ca> wrote:
> My researches into the reputation of constantcontact.com does not
> inspire confidence and tends to support the original decision. 

Yep, they are spammer scum, one of those companies were (can't say un) 
subscribing is certain to get you added to many more spam lists and any 
complaints to them are ignored.

I would tell the organization the company they are dealing with is a hive of 
spammers and they should look for a different provider as many mail servers 
will reject they mail.

But, if you want to receive the mail for a specific user you just need to check 
for the user earlier in the smtpd_recipient_restrictions, right?

check_recipient_access hash:$config_directory/recipient_access
check_sender_access pcre:$config_directory/sender_access.pcre,



-- 
Han : This is not going to work. Luke: Why didn't you say so before?
Han : I did say so before!

Re: SENDEr-ACCESS exceptions

2018-01-02 Thread Viktor Dukhovni 


> On Jan 2, 2018, at 12:19 PM, James B. Byrne  wrote:
> 
> The constantcontact.com domain was added to our sender_access file:
> 
> constantcontact.com   REJECT
> .constantcontact.com  REJECT

They are a largely legitimate bulk mailer that offers their services
to business customers.  They aren't always able to weed out customers
with dirty contact lists preƫmptively.  So some of their traffic is
spam, but IIRC they drop and/or reeducate spamming customers.  YMMV.

I'd remove the rule and watch for unwanted traffic.  Report any abuse
you find to constantcontact, and see whether their response is adequate.

-- 
Viktor.

SENDEr-ACCESS exceptions

2018-01-02 Thread James B. Byrne 
The constantcontact.com domain was added to our sender_access file:

constantcontact.com   REJECT
.constantcontact.com  REJECT

I must have done this but at some distant time in the past as I have
no recollection of doing so.

The situation is that now one of the professional organisations our
firm belongs to sends its newsletter via constantcontact.com.  I can
of course simply remove constantcontact.com from the block list. 
However, given that it is one of only two such entries I must have had
considerable provocation to add it to begin with.

My researches into the reputation of constantcontact.com does not
inspire confidence and tends to support the original decision. 
However, i may be compelled to allow their servers to connect to
deliver this particular organisation's monthly newsletter.

At the moment this is what happens:

This is what we see in our logs respecting constantcontact.com

smtpd[14594]: NOQUEUE: reject: RCPT from
ccm168.constantcontact.com[208.75.123.168]: 554 5.7.1
:

Sender address rejected: Access denied;
from=

to= proto=ESMTP

helo=


This indicates that we obtain a recipient address from the connection
before it is rejected.  Is their a method available to me to permit
one recipient address for this sender and block all the rest?  Is
there a better way to block all traffic from constantcontact.com
except for a specific recipent?


-- 
***  e-Mail is NOT a SECURE channel  ***
Do NOT transmit sensitive data via e-Mail
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3