Mailinglist Archive: opensuse (2831 mails)

< Previous Next >
Re: [SLE] Postfix UCE, rbl, cidr and ehlo
From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>

The Thursday 2006-07-13 at 12:05 -0500, david rankin wrote:

Take Per's example:

> REJECT You are unwelcome here...


So Per's part of the IP range would get through, but the rest would not.
I'm still working on this. I'll conduct a test without the

Yes, but you only know that you have to make that exception because he
told you through a mail list. A person trying to contact you directly,
without knowing that, would fail. I would be rejected, also.

In the end, you will be rejecting every body, because there are spammers


And, I hate cutting off my nose to spite my face....... I have removed the check_client_access hash all together and the spam reduction is still great! My current setup is:

smtpd_client_restrictions = reject_rbl_client, reject_rbl_client, reject_rbl_client, reject_unknown_client
smtpd_hard_error_limit = 3
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, check_recipient_access pcre:/etc/postfix/recipient_check.pcre
unknown_client_reject_code = 550
unknown_local_recipient_reject_code = 550

The results: out of 218 spam messages that were sent to my server only 8 got through and 210 were rejected. That is a great, great improvement. This was without the hash table blocking entire ranges of IP address. I have only been informed of one false positive and that was due to sender header re-writing that was misconfigured. I like what I see. I'll look into the postgrey/greylisting and see if I can add another bit of protection. But catching 210 out of 218 is awesome. Thanks for all of your help!!!!

David C. Rankin, J.D., P.E.
510 Ochiltree Street
Nacogdoches, Texas 75961
(936) 715-9333
(936) 715-9339 fax

Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at
Please read the FAQs: suse-linux-e-faq@xxxxxxxx

< Previous Next >
Follow Ups