OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: order for RBL and mailbox validation

From: Andrea S. Gozzi (as.gozzivp44.net)
Date: Fri Sep 14 2007 - 06:43:33 CDT

On Fri, 2007-09-14 at 13:22 +0200, Geert Hendrickx wrote:
> On Fri, Sep 14, 2007 at 07:01:21AM -0400, Justin Piszcz wrote:
> >
> >
> > On Fri, 14 Sep 2007, mouss wrote:
> >
> > >Andrea S. Gozzi wrote:
> > >>Hi.
> > >>I'm running a small postfix server (virtual users on mysql) for a 6-7
> > >>domains, a couple MLs and about 40 mailboxes.
> > >>I've implemented RBL checks in postfix but most of the spam is sent to
> > >>invalid email addresses, so I was wondering if it was possible to have
> > >>the validity address check performed before RBLs.
> > >>I know purpose of RBL is to prevent mail from even entering postfix but
> > >>if I run checks with SA I'm afraid it would take longer (and more system
> > >>resources - I'm tight on that).
> > >>Thank you,
> > >
> > >
> > >smtpd_recipient_restrictions =
> > > reject_non_fqdn_sender
> > > reject_non_fqdn_recipient
> > > reject_unlisted_sender
> > > reject_unlisted_recipient
> > > ...
> > > reject_unauth_destionation
> > > ...
> > > reject_rbl_client zen.spamhaus.org
> > > ...
> > >
> > >
> > >put them where you want.
> > >
> >
> > Is that the recommended way rather than specifying them to = yes or = no
> > in other parts of main.cf?
> >
> Sep 14 13:36:34 bnix postfix/smtpd[29230]: connect from unknown[unknown]
> Sep 14 13:36:34 bnix postfix/smtpd[29230]: lost connection after CONNECT from unknown[unknown]
> Sep 14 13:36:34 bnix postfix/smtpd[29230]: disconnect from unknown[unknown]
> > Trying that now, thanks.
>
>
> Yes if you want to have control over the _order_ in which the checks take
> place (and I understand that was your original question?).
>
> Geert

I was trying to make postfix FIRST check for destination email address
validity and THEN make RBL test.
Since, as I said, most spam goes to unexisting mailboxes that would save
me dns queries (even though I cache locally).
I will try what Justin and "mouss" suggested and see what happens.

Andrea

btw, should I worry about this:

> Sep 14 13:36:34 bnix postfix/smtpd[29230]: connect from
unknown[unknown]
> Sep 14 13:36:34 bnix postfix/smtpd[29230]: lost connection after
CONNECT from unknown[unknown]
> Sep 14 13:36:34 bnix postfix/smtpd[29230]: disconnect from
unknown[unknown]

it was harmless, but what about the undetected IP?