Mailinglist Archive: opensuse (2831 mails)

< Previous Next >
Re: [SLE] Postfix UCE, rbl, cidr and ehlo
  • From: Sandy Drobic <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 14 Jul 2006 18:52:47 +0200
  • Message-id: <44B7CBDF.2040901@xxxxxxxxxxxxxxxxxxxxxxx>
david rankin wrote:
From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>

The Thursday 2006-07-13 at 12:05 -0500, david rankin wrote:

Take Per's example:

> 217.0.0.0/8 REJECT You are unwelcome here...

...

So Per's part of the IP range would get through, but the rest would not.
I'm still working on this. I'll conduct a test without the

Yes, but you only know that you have to make that exception because he
told you through a mail list. A person trying to contact you directly,
without knowing that, would fail. I would be rejected, also.

In the end, you will be rejecting every body, because there are spammers
everywhere.


Yes,

And, I hate cutting off my nose to spite my face....... I have removed the check_client_access hash all together and the spam reduction is still great! My current setup is:

smtpd_client_restrictions = reject_rbl_client relays.ordb.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client list.dsbl.org, reject_unknown_client
smtpd_hard_error_limit = 3
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/recipient_check.pcre
unknown_client_reject_code = 550
unknown_local_recipient_reject_code = 550

The results: out of 218 spam messages that were sent to my server only 8 got through and 210 were rejected. That is a great, great improvement. This was without the hash table blocking entire ranges of IP address. I have only been informed of one false positive and that was due to sender header re-writing that was misconfigured. I like what I see. I'll look into the postgrey/greylisting and see if I can add another bit of protection. But catching 210 out of 218 is awesome. Thanks for all of your help!!!!

I guess that most of the spam is rejected by reject_non_fqdn_hostname, followed by sbl-xbl. At least on my servers that is one of the most effective restrictions.

Be aware that anything you add now will only reject a little bit more spam ,but might make your system more complex and difficult to administer.

I'd leave the rest to spamassassin and antivirus filtering.

Sandy
--
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com

--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx


< Previous Next >