Re: being mailbombed..or something

terry.gilsenaninteroil.com
Date: Tue Jan 01 2008 - 20:08:53 CST


Matthias Schmidt wrote:
> Am/On Tue, 1 Jan 2008 20:45:37 -0500 schrieb/wrote Terry Carmen:
>
>
>>>>> 1 merloptlqsixcompanies.com (<>)
>>>>> 1 Mikhail-Rowensixcompanies.com (<>)
>>>>> 1 Miu_Connollysixcompanies.com (<>)
>>>>> 1 Natorywasixcompanies.com (<>)
>>>>> (tons and tons of these)
>>>>>
>>>>>
>>>> Backscatter. Joe-job.
>>>>
>>>>
>>> I don't think so.
>>> imho it is a bot-net spam-attack.
>>>
>>>
>> Bots are pretty easy to kill. You can refuse to talk to them by matching
>> their reverse DNS against a regular expression.
>>
>> This has also been a huge help.
>>
>> There's just no reason to accept mail from a Dynamic IP or an IP with no
>> reverse DNS, so blocking them cuts WAY down on bots. I can't take credit
>> for the list. Most of it was written by someone else (sorry, don't
>> remember who). I added the last handful of entries.
>>
>> Save the text below as spam_ip_regex, and add:
>>
>> check_client_access regexp:/etc/postfix/spam_ip_regex
>>
>> and
>>
>> reject_unknown_reverse_client_hostname
>>
>> to your smtpd_client_restrictions section.
>>
>> Postfix can handle a ton of traffic when all it has to do is reject. 8-)
>>
>> Terry
>>
>>
>>
>> ####################################################33
>> /^dsl.*\..*\..*/i 553 AUTO_DSL Email Rejected.
>> /[ax]dsl.*\..*\..*/i 553 AUTO_XDSL Email Rejected.
>> /client.*\..*\..*/i 553 AUTO_CLIENT Email Rejected.
>> /cable.*\..*\..*/i 553 AUTO_CABLE Email Rejected.
>> /dial.*\..*\..*/i 553 AUTO_DIAL Email Rejected.
>> /.*dial[\-]*in.*/i 553 AUTO_DIAL2 Email Rejected.
>> /ppp.*\..*\..*/i 553 AUTO_PPP Email Rejected.
>> /dslam.*\..*\..*/i 553 AUTO_DSLAM Email Rejected.
>> /node.*\..*\..*/i 553 AUTO_NODE Email Rejected.
>> /.*dial-up.*/i 553 AUTO_DIAL_UP_ID_PATTERN Email Rejected.
>> /.*\.dhcp.*/i 553 AUTO_DHCP_ID_PATTERN Email Rejected.
>> /.*[0-9]+[\.-][0-9]+[\.-][0-9]+[\.-][0-9]+[\.-]+.*/i 553 AUTO_DYNAMIC_ID_PATTERN_DOT_DASH Email Rejected.
>> /.*[0-9]+[\.-]net[\.-][0-9]+[\.-][0-9]+[\.-][0-9]+[\.-]+.*/i 553 AUTO_DYNAMIC_ID_PATTERN_DOT_DASH_NET Email Rejected.
>> /.*[0-9]+-[0-9]+-[0-9]+-[0-9]+\..*/i 553 AUTO_DYNAMIC_ID_PATTERN_DASHES Email Rejected.
>> /.*internetdsl.tpnet.pl/i 553 AUTO_PL_DSL_PATTERN Email Rejected.
>> /.*\.cable.net.co\..*/i 553 AUTO_CABLE_DOT_NET Email Rejected.
>> /.*dynamic.*/i 553 AUTO_DYNAMIC_PATTERN Email Rejected.
>> /.*ppp.*/i 553 AUTO_PPP_PATTERN Email Rejected.
>> /.*user.*/i 553 AUTO_USER_PATTERN Email Rejected.
>>
>>
>
>
> with these rules you might also reject legal eMails from servers running
> via dyndns, or?
>
<snip>

Surely that would depend entirely on the recipient's interpretation of
"legal eMails", e.g.: my server, my rules.

I am of the opinion that people on dynamic connections should either be
relaying emails via their ISP's SmartHost, or connecting to the
submission port and authenticating (method not discussed here). It's one
or the other.

Regards,
T
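
One way to check what the table quoted in this thread would reject before deploying it, as an added example that is not code from any poster: a small Python evaluator that applies a subset of the quoted rules, first match wins, to reverse-DNS names. It assumes Python's `re` as a stand-in for Postfix's POSIX regex engine; the rule subset, the function names, and every hostname are constructed for illustration.

```python
import re

# Subset of the rules quoted in the thread; the reply text is cut to its tag.
TABLE = r"""
/^dsl.*\..*\..*/i 553 AUTO_DSL
/client.*\..*\..*/i 553 AUTO_CLIENT
/node.*\..*\..*/i 553 AUTO_NODE
/.*[0-9]+-[0-9]+-[0-9]+-[0-9]+\..*/i 553 AUTO_DYNAMIC_ID_PATTERN_DASHES
/.*dynamic.*/i 553 AUTO_DYNAMIC_PATTERN
/.*ppp.*/i 553 AUTO_PPP_PATTERN
/.*user.*/i 553 AUTO_USER_PATTERN
"""

# Constructed reverse-DNS names (reserved example domains), not real hosts.
SAMPLES = [
    "mail.example.org",                        # plain static MTA
    "dsl-203-0-113-7.isp.example.net",         # typical dynamic pool name
    "host-198-51-100-23.dynamic.isp.example",  # dynamic pool, dashed IP
    "mx1.powerusers.example.com",              # static MTA, "user" in name
    "smtp.nodeworks.example.com",              # static MTA, "node" in name
]

def load(table):
    """Parse '/pattern/flags code TAG' lines into (regex, tag) pairs."""
    rules = []
    for line in table.splitlines():
        m = re.match(r"/(.+)/([a-z]*)\s+\d{3}\s+(\S+)", line.strip())
        if not m:
            continue  # blank line or comment
        pattern, flags, tag = m.groups()
        # regexp_table(5): matching is case-insensitive by default and the
        # "i" flag toggles that, so a trailing /i means case-sensitive.
        opts = 0 if "i" in flags else re.IGNORECASE
        rules.append((re.compile(pattern, opts), tag))
    return rules

def first_match(rules, hostname):
    """Return the tag of the first rule that matches, as Postfix would, or None."""
    for regex, tag in rules:
        if regex.search(hostname):
            return tag
    return None

def audit(hostnames, table=TABLE):
    """Map each hostname to the tag that would reject it (None = accepted)."""
    rules = load(table)
    return {h: first_match(rules, h) for h in hostnames}

if __name__ == "__main__":
    for host, tag in audit(SAMPLES).items():
        print(f"{'REJECT ' + tag if tag else 'accept':40} {host}")
```

The last two samples are static mail servers that get rejected only because "user" or "node" appears in the name, which is the kind of collateral the unanchored patterns produce; feeding the PTR names of recent legitimate senders from the mail log through `audit` shows how much of it a given site would see.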