Are my basic definitions wrong? IP blocks in hash for check_sender_access

From: Robert Lopez (rlopezcnmgmail.com)
Date: Thu Oct 01 2009 - 11:47:47 CDT


My understanding of client and sender are these:
Client: An application used to send, receive e-mail messages.
Sender: The from or sender "name" in the header that shows who (is
claimed to have) sent the email.

The context of the use that has me concerned are these:
smtpd_client_restrictions and smtpd_sender_restrictions

I currently have these lines in main.cf:

check_client_access=hash:/etc/postfix/access
smtpd_client_restrictions =
        permit_mynetworks
        hash:/etc/postfix/whitelist
        reject_rbl_client zen.spamhaus.org
        reject_rbl_client bl.spamcop.net
        reject_rbl_client dnsbl.njabl.org
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.4
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.5
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.6
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.7
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.8
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.9
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.10
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.11
        reject_rbl_client blackholes.five-ten-sg.com=127.0.0.13
        permit

smtpd_sender_restrictions =
        check_sender_access hash:/etc/postfix/greylist
        check_sender_access hash:/etc/postfix/sender_access
        permit_mynetworks
        reject_unknown_sender_domain

To me the content of the sender_access hash makes sense if it contains
terms such as
lucky13yaha.com DISCARD

Does it also work correctly if that same file also has terms such as
64.94.244 DISCARD
where the intent is to block any of 64.94.244.xxx?

Right now that IP address example shown above (64.94.244) is in the
sender_access file (and the sender_access.db), but the log file shows
events such as this:

Sep 27 17:56:19 mgxx postfix/cleanup[22432]: 596A81FFCD: hold: header
Received: from av7.experience.com (unknown [64.94.244.50])??by
mgxx.cnm.edu (Postfix) with SMTP id 596A81FFCD??for <gleveecnm.edu>;
Sun, 27 Sep 2009 17:56:16 -0600 (MDT) from unknown[64.94.244.50];
from=<no_replyexperience.com> to=<xxxxxcnm.edu> proto=SMTP
helo=<av7.experience.com>

Sep 27 17:56:19 mgxx postfix/cleanup[22432]: 596A81FFCD: message-
id=<27390832.651.1254095751632.JavaMail.rootav7.experience.com>

Sep 27 17:56:19 mgxx postfix/cleanup[22432]: 596A81FFCD: warning:
header Subject: eRecruiting Saved Search - Abq-Lots from
unknown[64.94.244.50]; from=<no_replyexperience.com>
to=<xxxxxcnm.edu> proto=SMTP helo=<av7.experience.com>

Sep 27 7:56:22 mgxx MailScanner[9931]: Requeue: 596A81FFCD.2D1A1 to C98C42016A

Sep 27 17:56:22 mgxx postfix/qmgr[24665]: C98C42016A:
from=<no_replyexperience.com>, size=33955, nrcpt=1 (queue active)

Sep 27 17:56:22 mgxx postfix/smtp[23167]: C98C42016A:
to=<gleveetvimail.cnm.edu>, orig_to=<gleveecnm.edu>,
relay=tvimail.cnm.edu[198.133.181.119]:25, delay=5.7,
delays=5.6/0/0/0.03, dsn=2.5.0, status=sent (250 2.5.0 Ok.)

Sep 27 17:56:22 mg05 postfix/qmgr[24665]: C98C42016A: removed

Based upon my understanding of the definitions of the terms I have
always been uncertain about putting IP blocks in the same file. I have
been told it has been working practice at this college for years
before I got here. I need to be certain we are doing the right things.

--
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106
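The question above turns on which keys each restriction actually looks up in an access(5) table. The script below is an added illustration, not part of the original post and not Postfix's own code: it models the documented lookup order of check_client_access (the client IP address, then that address with trailing octets stripped, plus the client hostname and its parent domains when one is known) and of check_sender_access (the envelope sender address, then its domain and parent domains, then the localpart with a trailing "@"; the null sender is looked up as "<>"). The two tables are constructed from the entries quoted in the post; the functions, the dict-based table model and the sample session are this example's own assumptions.

```python
"""Model of Postfix access(5) lookup order for check_client_access vs
check_sender_access.  Added example; assumptions are marked inline."""

# Constructed from the entries quoted in the post.  After postmap the
# hash: file is a key -> action map, which a dict models well enough here.
SENDER_ACCESS = {
    "lucky13yaha.com": "DISCARD",
    "64.94.244": "DISCARD",      # the IP prefix the post asks about
}
CLIENT_ACCESS = {
    "64.94.244": "DISCARD",      # same key, but in a client table
}

NULL_SENDER_KEY = "<>"           # Postfix default smtpd_null_access_lookup_key


def parent_domains(name):
    """name, then each parent domain (a.b.c -> a.b.c, b.c, c)."""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def client_lookup_keys(client_ip, client_hostname=None):
    """Keys check_client_access tries: hostname and parents (if resolvable),
    then the address and its network prefixes (1.2.3.4, 1.2.3, 1.2, 1)."""
    keys = []
    if client_hostname and client_hostname != "unknown":
        keys.extend(parent_domains(client_hostname))
    octets = client_ip.split(".")
    for n in range(len(octets), 0, -1):
        keys.append(".".join(octets[:n]))
    return keys


def sender_lookup_keys(address):
    """Keys check_sender_access tries: user@domain, domain and its parents
    (default parent_domain_matches_subdomains behaviour), then user@.
    No step ever consults the client IP address."""
    if address == "":
        return [NULL_SENDER_KEY]
    localpart, _, domain = address.rpartition("@")
    return [address] + parent_domains(domain) + [localpart + "@"]


def lookup(table, keys):
    """First matching key wins, as Postfix stops at the first hit."""
    for key in keys:
        if key in table:
            return key, table[key]
    return None, None


def evaluate(client_ip, sender, client_hostname=None):
    """What each restriction decides for one SMTP session (assumed helper)."""
    return {
        "check_client_access": lookup(CLIENT_ACCESS,
                                      client_lookup_keys(client_ip, client_hostname)),
        "check_sender_access": lookup(SENDER_ACCESS, sender_lookup_keys(sender)),
    }


if __name__ == "__main__":
    # Session shaped like the log lines in the post (constructed values).
    result = evaluate("64.94.244.50", "no_reply@experience.com", "unknown")
    for restriction, (key, action) in result.items():
        print(f"{restriction:22s} key={key!r:14} action={action}")
```

Running it shows the client table matching on the "64.94.244" prefix while the sender table, consulted with "no_reply@experience.com", "experience.com", "com" and "no_reply@", never sees an IP-shaped key; the only way "64.94.244" could ever match there is if a sender's domain part were literally that string. Two further points follow from the configuration quoted in the post: a top-level line of the form check_client_access=hash:/etc/postfix/access defines an unused main.cf parameter rather than a restriction (the bare hash:/etc/postfix/whitelist entry inside smtpd_client_restrictions is the form that is actually evaluated), and the "hold: header Received:" entries come from the cleanup daemon's header checks, which run after the smtpd restriction stage, so they are not evidence of a sender_access hit.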