Re: Sender address rejected: need fully-qualified address

From: /dev/rob0 (rob0gmx.co.uk)
Date: Thu Aug 24 2006 - 13:27:02 CDT


On Thursday 24 August 2006 12:53, Noel Jones wrote:
> >smtpd_helo_restrictions = permit_mynetworks
> >reject_non_fqdn_hostname reject_invalid_hostname
> >hash:/usr/local/etc/postfix/spammers
>
> Here you're using your "spammers" table as a
> check_helo_access map. Earlier you used it as a
> check_client_access map. So which is it?
>
> >smtpd_recipient_restrictions = check_recipient_access
> >hash:/usr/local/etc/postfix/recipient
> > hash:/usr/local/etc/postfix/spammers
>
> and here "spammers" is used as a check_recipient_access
> map. So which is it?

I do this to some extent. For example, I download the Joewein.de spam
domain blacklist and build an access file of it[1], which I use for
check_{client,helo,sender}_access. (I might also try that with
*_{mx,ns}_access lookups to see how well it does.)

Rationale:
Client lookup: If the reverse DNS shows the host is owned by a known
spammer, I want nothing to do with them.
Helo/Sender lookup: If they are really the spammer, I want nothing to
do with them. If they are impersonating a spammer-owned domain, same
thing, only more so. :)
Sender/Helo MX: hmmm, not sure, but a local hash: file lookup is fast
enough that it won't hurt to try it (warn_if_reject).
Sender/Helo NS: I think this might catch a lot! I bet that ROKSO
spammers use a small number of NS hosts which could prove to be a
weakness for them.

Granted, however, a common mistake is that people fail to understand
differences in access(5) lookups, and that may well be happening in
this case. It's rather silly to do a check_recipient_access lookup as
an antispam measure.

[1] I build this daily at one site and share it among several others.
If anyone wants to wget(1) it from me, please write offlist and I'll
give you the details of when/where/how.
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header
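
The difference between access(5) lookups discussed in this message, as an added example that is not part of the original post or of Postfix: a simplified model of the keys tried when one domain table is used in client, helo, sender and recipient context. It assumes the default parent_domain_matches_subdomains behaviour and IPv4 only, and ignores address extensions; the function names, the table and the session values are constructed for illustration.

```python
"""Simplified model of access(5) key derivation; not Postfix's own code."""

def domain_keys(name):
    # The name itself, then each parent domain (assumed default matching style).
    labels = name.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def addr_keys(ip):
    # IPv4 only: full address, then progressively shorter network prefixes.
    octets = ip.split(".")
    return [".".join(octets[:n]) for n in range(4, 0, -1)]

def email_keys(address):
    # user@domain, then domain and its parents, then user@.
    user, _, domain = address.lower().rpartition("@")
    return [f"{user}@{domain}"] + domain_keys(domain) + [f"{user}@"]

def lookup_keys(context, session):
    # Each restriction type feeds different session data into the same table.
    if context == "client":
        return domain_keys(session["client_name"]) + addr_keys(session["client_addr"])
    if context == "helo":
        return domain_keys(session["helo"])
    if context == "sender":
        return email_keys(session["mail_from"])
    if context == "recipient":
        return email_keys(session["rcpt_to"])
    raise ValueError(f"unknown context: {context}")

def first_hit(table, context, session):
    # Return the first (key, action) found for this context, or None.
    for key in lookup_keys(context, session):
        if key in table:
            return key, table[key]
    return None

# Constructed sample data: one blacklisted domain and one SMTP session.
SPAMMERS = {"spamdomain.example": "REJECT"}
SESSION = {
    "client_name": "mail.spamdomain.example",   # from reverse DNS
    "client_addr": "192.0.2.25",
    "helo": "localhost.localdomain",
    "mail_from": "offers@news.spamdomain.example",
    "rcpt_to": "alice@mydomain.example",        # a local user
}

def evaluate(table=SPAMMERS, session=SESSION):
    contexts = ("client", "helo", "sender", "recipient")
    return {c: first_hit(table, c, session) for c in contexts}

if __name__ == "__main__":
    for ctx, hit in evaluate().items():
        print(f"{ctx:9} -> {hit}")
```

In the recipient context the keys come from the RCPT TO address, so a table of spammer domains is only ever compared against the site's own recipients.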