|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
comments: reject msgs with headers having Class A's in BOGON networks?
From: Len Conrad (LConrad
Go2France.com)
Date: Sat Aug 02 2003 - 13:34:35 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'm currently evaluating, using WARN, with this filter built on Rob's BOGON
nets.
pcre:/etc/postfix/header_checks_bogon.regexp
#debut
/(\[|\()
(0\.
|1\.
|7\.
|23\.
|27\.
|31\.
|36\.
|37\.
|39\.
|41\.
|42\.
|49\.
|50\.
|58\.
|59\.
|70\.
|71\.
|72\.
|73\.
|74\.
|75\.
|76\.
|77\.
|78\.
|79\.
|83\.
|84\.
|85\.
|86\.
|87\.
|88\.
|89\.
|90\.
|91\.
|92\.
|93\.
|94\.
|95\.
|96\.
|97\.
|98\.
|99\.
|100\.
|101\.
|102\.
|103\.
|104\.
|105\.
|106\.
|107\.
|108\.
|109\.
|110\.
|111\.
|112\.
|113\.
|114\.
|115\.
|116\.
|117\.
|118\.
|119\.
|120\.
|121\.
|122\.
|123\.
|124\.
|125\.
|126\.
|169\.254\.
|173\.
|174\.
|175\.
|176\.
|177\.
|178\.
|179\.
|180\.
|181\.
|182\.
|183\.
|184\.
|185\.
|186\.
|187\.
|189\.
|190\.
|192\.0\.2\.
|197\.
|223\.)/x WARN ACL bogon
#special exclusions for MS + Apple MTA versions: "(5." and "(2." (ie, filter
only for "[5." and "[2." .
/\[(5|2)\.)/x WARN ACL bogon
#fin
From watching two different sites with:
tail -f /var/log/maillog | egrep "ACL bogon"
I'm seeing almost apparently no false positives, and a gratifying number of
WARNs (that of course escaped all my smtpd_* restrictions).
Comments?
Len
_____________________________________________________________________
http://MenAndMice.com/DNS-training: London; Chicago; San Jose; Wash DC
IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]