On 8/5/2013 6:16 PM, Ronald F. Guilmette wrote:
> In message <520023b2.1070...@megan.vbhcs.org>,
> Noel Jones wrote:
>>> OK. Works for me! I just wish that it wasn't necessary to
>>> have to run an external PCRE to catch it, and that the
PCRE tables don't "run externally". They're simply tab
On 8/5/2013 2:52 AM, Ronald F. Guilmette wrote:
> Actually, having adjusted my smtpd_recipient_restrictions rather
> dramatically today, and looking now at the day's maillog file,
> I think that I am entirely less sure that the problem is what
> I said it was earlier. I am now getting at least _s
In message <520023b2.1070...@megan.vbhcs.org>,
Noel Jones wrote:
>On 8/5/2013 4:16 PM, Ronald F. Guilmette wrote:
>
>>> I see zero value in testing to see if the HELO IP is forged, since
>>> using any IP seems to be a very strong spambot indicator.
>>
>> OK. Works for me! I just wish that it
On 8/5/2013 4:16 PM, Ronald F. Guilmette wrote:
>> I see zero value in testing to see if the HELO IP is forged, since
>> using any IP seems to be a very strong spambot indicator.
>
> OK. Works for me! I just wish that it wasn't necessary to
> have to run an external PCRE to catch it, and that t
In message <51fff9c5.9070...@megan.vbhcs.org>,
Noel Jones wrote:
>No. Here, near-zero legit clients use bracketed HELO. Looks as if
>I've whitelisted 2 clients in the last ~5 years (I see one of them
>has fixed their HELO sometime since then). That's close enough to
>zero for me.
I agree.
>M
On 8/5/2013 12:54 PM, Ronald F. Guilmette wrote:
> In message <51ff9e18.9050...@megan.vbhcs.org>,
> Noel Jones wrote:
>
>> I use a pcre table to reject any HELO that starts with a bracket or
>> looks like an IP. Legit hosts that use this form are very rare here
>> -- maybe one every couple years
In message <51ff9e18.9050...@megan.vbhcs.org>,
Noel Jones wrote:
>I use a pcre table to reject any HELO that starts with a bracket or
>looks like an IP. Legit hosts that use this form are very rare here
>-- maybe one every couple years.
>...
>There is no built-in postfix restriction to compare
On 8/5/2013 3:16 AM, Ronald F. Guilmette wrote:
> In message <51ff2ad2.2080...@hardwarefreak.com>,
> Stan Hoeppner wrote:
>
>> BTW, if you want to maximize potential hits on RHSBLs just short of
>> doing body checks, you may want to give Sahil Tandon's TCP server based
>> RHSBL header checker a
On 8/4/2013 10:13 PM, Ronald F. Guilmette wrote:
> In message <51ff13eb.8090...@megan.vbhcs.org>,
> Noel Jones wrote:
>
>> On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
>>> Does reject_non_fqdn_helo_hostname, when placed in the
>>> smtpd_helo_restrictions, permit clients to HELO/EHLO
>>> with
In message <51ff2ad2.2080...@hardwarefreak.com>,
Stan Hoeppner wrote:
>BTW, if you want to maximize potential hits on RHSBLs just short of
>doing body checks, you may want to give Sahil Tandon's TCP server based
>RHSBL header checker a spin. It grabs domains from headers and checks
>them again
In message <51ff2563.1070...@hardwarefreak.com>,
Stan Hoeppner wrote:
>> If not maybe a new restriction
>> verb would be useful to perform this exact check.
>
>Maybe you should explain why you're having a problem rejecting spamware
>that HELO's with an IP literal.
Did I say I was having a prob
In message <51ff1bba.9000...@hardwarefreak.com>,
Stan Hoeppner wrote:
>> Doing RBL client checks in postscreen?
>
>That would be one cause.
As I mentioned, I am not using postscreen at the present time.
>Another could be having duplicate
>reject_rbl_client statements in smtpd_client_restricti
On 8/4/2013 10:13 PM, Ronald F. Guilmette wrote:
> Do I need to use that if I want to perform RHSBL checks?
BTW, if you want to maximize potential hits on RHSBLs just short of
doing body checks, you may want to give Sahil Tandon's TCP server based
RHSBL header checker a spin. It grabs domains fr
On 8/4/2013 10:13 PM, Ronald F. Guilmette wrote:
> In message <51ff13eb.8090...@megan.vbhcs.org>,
> Noel Jones wrote:
>
>> On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
>>> Does reject_non_fqdn_helo_hostname, when placed in the
>>> smtpd_helo_restrictions, permit clients to HELO/EHLO
>>> with
On 8/4/2013 9:54 PM, Noel Jones wrote:
> On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
...
>> Also, I have just added all of the following to my
>> smtpd_recipient_restrictions:
>>
>> reject_rhsbl_reverse_client multi.surbl.org
>> reject_rhsbl_reverse_client multi.uribl.com
>>
In message <51ff13eb.8090...@megan.vbhcs.org>,
Noel Jones wrote:
>On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
>> Does reject_non_fqdn_helo_hostname, when placed in the
>> smtpd_helo_restrictions, permit clients to HELO/EHLO
>> with a square-bracket enclosed dotted quad IPv4 address?
>
>Yes.
On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
> Does reject_non_fqdn_helo_hostname, when placed in the
> smtpd_helo_restrictions, permit clients to HELO/EHLO
> with a square-bracket enclosed dotted quad IPv4 address?
Yes.
>
> If so, is the dotted quad checked to see that it properly
> represen
Does reject_non_fqdn_helo_hostname, when placed in the
smtpd_helo_restrictions, permit clients to HELO/EHLO
with a square-bracket enclosed dotted quad IPv4 address?
If so, is the dotted quad checked to see that it properly
represents the actual IP address of the actual current client?
Also, I h
18 matches
Mail list logo
