RE: selective greylisting?
From: Julian Pawlowski (lists) (lists at jp-solution.net)
Date: Wed Nov 01 2006 - 15:19:01 CST
Hello Folkert,
Folkert van Heusden wrote:
> Would it be possible to do selective greylisting triggered by
> an rbl-list?
Yes. Either use the function included with sqlgrey or, if you want postfix to handle it, have a look at check_client_access (if you want it per smtp-client host), check_recipient_access (if you want it per recipient) and check_sender_access (if you want it per sender).
http://www.postfix.org/postconf.5.html#check_client_access
http://www.postfix.org/postconf.5.html#check_sender_access
http://www.postfix.org/postconf.5.html#check_recipient_access
I use the following:
smtpd_recipient_restrictions =
...
check_client_access mysql:$config_directory/maps/client_access.mysql
check_client_access pcre:/etc/postfix/rules/dialups.pcre
...
check_recipient_access mysql:$config_directory/maps/recipient_greylist.mysql
permit
Additionally you have to define a new restriction class:
smtpd_restriction_classes = check_greylist
check_greylist = check_policy_service inet:127.0.0.1:2501
After that you can define the corresponding entries in your lookup tables for check_*_access and use check_greylist as the destination.
My dialups.pcre includes the following:
----------------------------
# well-known names do not need to be greylisted (one line!)
/^(.+[._-])*(apache|bounce|bulk|delay|d?ns|external|extranet|filter|firewall|forward|gateway|gw|m?liste?s?|(bulk|dead|mass|send|[eqw])?mail(er)?|e?mail(agent|host|hub|scan(ner)?)|messagerie|mta|v?mx|out(bound)?|pop|postfix|w?proxy|rela(is|y)|serveu?r|smarthost|vsmtp|web|www)(gate|mail|mx|pool|out|server)?[0-9]*[._-]/ DUNNO
# everything with 4 or more dots/hyphens in the hostname
/(\-.+){4}$/ check_greylist
/(\..+){4}$/ check_greylist
# every host with no reverse DNS
/unknown/ check_greylist
# greylist hosts with potential dynamic IP character in reverse DNS
# stolen from http://sqlgrey.bouton.name/dyn_fqdn.regexp (one line!)
/(^|[0-9.x_-])(abo|br(e|oa)dband|cabel|(hk)?cablep?|catv|cbl|cidr|d?client2?|cust(omer)?s?|dhcp|dial?(in|up)?|d[iu]p|[asx]?dsld?|dyn(a(dsl|mic)?)?|home|in-addr|modem(cable)?|(di)?pool|pppool|ppp|ptr|rev|static|user|YahooBB[0-9]{12}|c[[:alnum:]]{6,}(\.[a-z]{3})?\.virtua|[1-9]Cust[0-9]+|AC[A-Z][0-9A-F]{5}\.ipt|pcp[0-9]{6,}pcs|S0106[[:alnum:]]{12,}\.[a-z]{2})[0-9.x_-]/ check_greylist
----------------------------
Greetz,
Julian
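Editor's note, added example (not part of Julian's post or of Postfix): the map above is only useful if you know which client names it sends to check_greylist and which it lets through with DUNNO. The harness below reads the posted dialups.pcre verbatim (apart from translating the "[[:alnum:]]" POSIX classes, which Python's re module lacks, into "[A-Za-z0-9]"), applies it first-match-wins as Postfix does for pcre tables, and runs a handful of constructed client hostnames through it. The hostnames are invented for this example; the default case-insensitive matching and the meaning of the "i" flag follow pcre_table(5).

```python
import re

# The dialups.pcre map from the message above, embedded so this harness
# runs without Postfix. Only the "[[:alnum:]]" classes are translated
# (see _POSIX_CLASSES); the patterns and actions are otherwise verbatim.
DIALUPS_PCRE = r"""
# well-known names do not need to be greylisted (one line!)
/^(.+[._-])*(apache|bounce|bulk|delay|d?ns|external|extranet|filter|firewall|forward|gateway|gw|m?liste?s?|(bulk|dead|mass|send|[eqw])?mail(er)?|e?mail(agent|host|hub|scan(ner)?)|messagerie|mta|v?mx|out(bound)?|pop|postfix|w?proxy|rela(is|y)|serveu?r|smarthost|vsmtp|web|www)(gate|mail|mx|pool|out|server)?[0-9]*[._-]/ DUNNO
# everything with 4 or more dots/hyphens in the hostname
/(\-.+){4}$/ check_greylist
/(\..+){4}$/ check_greylist
# every host with no reverse DNS
/unknown/ check_greylist
# greylist hosts with potential dynamic IP character in reverse DNS
/(^|[0-9.x_-])(abo|br(e|oa)dband|cabel|(hk)?cablep?|catv|cbl|cidr|d?client2?|cust(omer)?s?|dhcp|dial?(in|up)?|d[iu]p|[asx]?dsld?|dyn(a(dsl|mic)?)?|home|in-addr|modem(cable)?|(di)?pool|pppool|ppp|ptr|rev|static|user|YahooBB[0-9]{12}|c[[:alnum:]]{6,}(\.[a-z]{3})?\.virtua|[1-9]Cust[0-9]+|AC[A-Z][0-9A-F]{5}\.ipt|pcp[0-9]{6,}pcs|S0106[[:alnum:]]{12,}\.[a-z]{2})[0-9.x_-]/ check_greylist
"""

# POSIX bracket classes used in Postfix pcre maps that Python's re lacks.
_POSIX_CLASSES = {
    "[:alnum:]": "A-Za-z0-9",
    "[:alpha:]": "A-Za-z",
    "[:digit:]": "0-9",
}

# One map entry: optional "!" negation, /pattern/, optional flags, action.
_RULE_RE = re.compile(r"^(!?)/(.*?)(?<!\\)/([a-zA-Z]*)\s+(.+?)\s*$")


def load_pcre_map(text):
    """Parse a Postfix pcre: access map into (negate, regex, action) tuples."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _RULE_RE.match(line)
        if not m:
            raise ValueError("unparseable pcre map line: %r" % raw)
        negate, pattern, flags, action = m.groups()
        for posix, py_class in _POSIX_CLASSES.items():
            pattern = pattern.replace(posix, py_class)
        # pcre_table(5): matching is case-insensitive by default and the
        # "i" flag toggles that default off.
        re_flags = 0 if "i" in flags else re.IGNORECASE
        rules.append((negate == "!", re.compile(pattern, re_flags), action))
    return rules


def lookup(rules, key):
    """First matching rule wins, as for Postfix regexp/pcre tables.

    Returns the action string, or None when no rule matches (Postfix then
    moves on to the next restriction in smtpd_recipient_restrictions).
    """
    for negate, rx, action in rules:
        if (rx.search(key) is not None) != negate:
            return action
    return None


# Constructed client names, as Postfix would present them to the map
# ("unknown" is what Postfix uses when the client has no reverse DNS).
SAMPLE_CLIENTS = [
    "mail.example.com",                  # well-known name -> DUNNO
    "ns2.example.org",                   # d?ns + digits -> DUNNO
    "unknown",                           # no reverse DNS -> check_greylist
    "dsl-123-45-67-89.dyn.example.net",  # four hyphens -> check_greylist
    "c-1-2-3.customer.example.net",      # only the dyn_fqdn rule hits
    "static.example.com",                # "static" is in the dyn list too
    "host.example.com",                  # nothing matches -> None
]


def classify(clients, rules=None):
    """Map each client name to the action the posted map would return."""
    rules = rules if rules is not None else load_pcre_map(DIALUPS_PCRE)
    return {client: lookup(rules, client) for client in clients}


if __name__ == "__main__":
    for client, action in classify(SAMPLE_CLIENTS).items():
        print("%-36s %s" % (client, action))
```

On a box with Postfix installed, `postmap -q 'c-1-2-3.customer.example.net' pcre:/etc/postfix/rules/dialups.pcre` is the authoritative way to check the same thing against the real pcre engine; the harness is for reasoning about the rule order offline. Note that "static" sits in the dynamic-IP alternation of the borrowed regexp, so a name like static.example.com is greylisted as well.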