|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: To all of You who use: reject_non_fqdn_hostname and reject_unknown_hostname
From: mouss (usebsd
free.fr)
Date: Fri Sep 01 2006 - 17:22:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
o2 - Marcin Wasilewski wrote:
> Hello,
>
> I have a question to all of You who use: reject_non_fqdn_hostname and
> reject_unknown_hostname.
> I get lot of SPAM messages and almost all of them are from host which
> in my mail.log are UNKNOWN, ie:
> connect from unknown[222.181.95.54]
> Sep 1 10:03:42 mymailhost postfix/smtpd[22196]: NOQUEUE: reject: RCPT
> from unknown[222.181.95.54]: 550 <ukaszdmydomainname>: Recipient
> address rejected: User unknown; from=<abelpmoreirahotmail.com>
> to=<ukaszdmydomainname> proto=ESMTP helo=<LENOVO-OEM>
>
> Actually I use:
> smtpd_helo_restrictions =
> permit_mynetworks
> check_helo_access hash:/etc/postfix/db/helo_access
> reject_invalid_hostname
>
> and I would like to enable
> reject_non_fqdn_hostname
> reject_unknown_hostname
>
> but I wonder how many false-positives it gives..
- you can use reject_non_fqdn_hostname, and either say "Standards are
standards", or check your logs and see if you need to whitelist some few
silly winboxes that use their netbios name. whether you can tell their
admini to fix their systems is a different matter (do they have an admin:-)
- reject_unknown_hostname is a different thing, because it uses DNS. and
here, you'll get more FPS:
* DNS misconfiguration seems common
* DNS suboptimal-configuration (abuse of CNAME and other redirections
that may result in timeouts) are also common
* your own dns system may have problems
* ...
so I would not recommend this today, unless you take the time to check
your logs and adjust your config.
>
> and one more question: I saw in doc that I could use: warn_if_reject,
> but how to correctly place it in my config to see how these two rules
> above will be hit.
you can place it before a check to modify the action
smtpd_recipient_restrictions =
...
warn_if_reject
reject_unknown_hostname
...
will not reject the "unknown hostname", but only generates a warning in
your logs.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]