Mailinglist Archive: opensuse (3337 mails)

< Previous Next >
Re: [SLE] Stopping spam to postmaster@ account?
From: "Sandy Drobic" <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
Carlos E. R. wrote:
Hash: SHA1

The Tuesday 2006-04-04 at 17:34 +0200, Sandy Drobic wrote:

That is the only header line you can trust: it has been added by your postfix
server. And that is telling you that your server has accepted the mail from a
client that announced itself in HELO as "PC01" with the IP
Furthermore that IP has no Reverse DNS so Postfix regards the hostname as

dig -x +short

gives an empty result, which means it has no reverse DNS entry.

But "whois" gives some info:

country: CN
descr: CHINANET beijing province network

Unfortunately Postfix does not care about whois info. (^-^)

I could also mention the restriction "reject_unknown_hostname", although only postmaster that really hate spam more than they love their wanted mail would consider to apply that restriction. (^-^)

Don't laugh, I tested it (^-^)

If anyone is thinking about that restriction I strongly advise to test it first with "warn_if_reject reject_unknown_hostname". That will log a warning but not actually reject the mail. You will probably find out that there are a lot of badly misconfigured "professional" mailservers. :((

Sandy, how would I modify my my and /etc/postfix/recipient_check.pcre to do this. Right now I have:

[root@bonza david]# cat /etc/postfix/recipient_check.pcre
/^support@/ REJECT
/^info@/ REJECT
/^assistance@(rbpllc\.com|rankin-bertin\.com|guillorylaw\.com|garthlawfirm\.com|drrankin\.com)$/ REJECT
/^root@/ REJECT
/^sales@/ REJECT
/^admin@/ REJECT
/^accounting@/ REJECT
/^majordomo@/ REJECT
#/^postmaster@/ REJECT (commented for testing)

postconf -n
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/recipient_check.pcre
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
unknown_local_recipient_reject_code = 550

David C. Rankin, J.D., P.E.
510 Ochiltree Street
Nacogdoches, Texas 75961
(936) 715-9333
(936) 715-9339 fax

< Previous Next >
Follow Ups