Mailinglist Archive: opensuse (2831 mails)

< Previous Next >
Re: [SLE] Postfix UCE, rbl, cidr and ehlo
From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>

The Thursday 2006-07-13 at 12:05 -0500, david rankin wrote:

Take Per's example:

> 217.0.0.0/8 REJECT You are unwelcome here...

...

So Per's part of the IP range would get through, but the rest would not.
I'm still working on this. I'll conduct a test without the

Yes, but you only know that you have to make that exception because he
told you through a mail list. A person trying to contact you directly,
without knowing that, would fail. I would be rejected, also.

In the end, you will be rejecting every body, because there are spammers
everywhere.


Yes,

And, I hate cutting off my nose to spite my face....... I have removed the check_client_access hash all together and the spam reduction is still great! My current setup is:

smtpd_client_restrictions = reject_rbl_client relays.ordb.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client list.dsbl.org, reject_unknown_client
smtpd_hard_error_limit = 3
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/recipient_check.pcre
unknown_client_reject_code = 550
unknown_local_recipient_reject_code = 550

The results: out of 218 spam messages that were sent to my server only 8 got through and 210 were rejected. That is a great, great improvement. This was without the hash table blocking entire ranges of IP address. I have only been informed of one false positive and that was due to sender header re-writing that was misconfigured. I like what I see. I'll look into the postgrey/greylisting and see if I can add another bit of protection. But catching 210 out of 218 is awesome. Thanks for all of your help!!!!

--
David C. Rankin, J.D., P.E.
RANKIN LAW FIRM, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
(936) 715-9333
(936) 715-9339 fax
www.rankinlawfirm.com
--


--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx


< Previous Next >
Follow Ups