NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2003-05

Re: Which RBLs to try?

From: Alexander Kolesnikoff (akhvv.uku.com.ru)
Date: Wed May 28 2003 - 00:10:11 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Wed May 28 12:56, Ralf Hildebrandt <Ralf.Hildebrandtcharite.de> wrote:
>
> This is what I use for sender address verification:
>
> hotmail.com reject_unverfied_sender
> web.de reject_unverfied_sender
> mail.ru reject_unverfied_sender
> etc.
>
Ralf, mail.ru always take email for nonexistent user.

This is what I use against spammers:

smtpd_restriction_classes = client_mailru
sender_mailru

smtpd_parent_match_subdomains = debug_peer_list,
fast_flush_domains,
mynetworks

smtpd_delay_reject = no

smtpd_helo_restrictions = permit_mynetworks
                          check_helo_access hash:/etc/postfix/access-helo

smtpd_sender_restrictions =
                permit_mynetworks
                .................
                check_helo_access hash:/etc/postfix/access-helo-classes
                check_sender_access hash:/etc/postfix/access-sender
                .................

access-helo:

mail.ru REJECT
.mail.ru mailru_client

mailru_client = check_client_access hash:/etc/postfix/client-mailru
reject

client-mailru:

.mail.ru OK

This will reject mail from not mail.ru hosts but with HELO like
"mx3.mail.ru".

------
access-helo-classes:

.mail.ru sender_mailru

sender_mailru = check_sender_access hash:/etc/postfix/sender-mailru
reject

sender-mailru:

  mail.ru OK
  bk.ru OK
  list.ru OK
  inbox.ru OK

access-sender:

  mail.ru REJECT
  bk.ru REJECT
  list.ru REJECT
  inbox.ru REJECT

This forbid take mail from really mail.ru with sender address not
belongs mail.ru, for example senderyahoo.com , AND forbid take mail from
NOT mail.ru hosts but with sender addresses belongs mail.ru: mail.ru,
bk.ru ...

All mail.ru hosts has reverse DNS RR like mx3.mail.ru,
fallback.mail.ru... but NOT "mail.ru". And HELO same.

This sheme work for yahoo.com, hotmail.com, aol.com, microsoft.com,
compuserve.com, mail.com .... and many others.

Alexander

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]