Rasmus Andersen wrote:
I have a slightly offtopic question that I hope I can get help with
here. I have a home server, running an MTA for my domain. As of the last
month or so, I have experienced a huge increase in spam and spam
bounces. To combat this, I have upped my MTA's pickiness quite a bit but
would like to up it more. Specifically, I would like to reject mail
where sender says HELO jaquet.dk and/or where the Received line looks
like [EMAIL PROTECTED] (my MTA's Received stamps are of the form
[EMAIL PROTECTED]). Spammers like to use these to 'fake' their way
through.

I'm not sure about blocking a specific HELO request, but I added the following configuration to my main.cf, and combined with postgrey, my spam dropped from 150 per day to around 50 per month:

# Set the server to reject any unauthorised e-mails and set what can
# and can't be sent or received by the server
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
        permit_mynetworks
        reject_non_fqdn_hostname
        reject_invalid_hostname
        reject_rbl_client xbl-xbl.spamhaus.org
        reject_rbl_client bl.spamcop.net
        reject_rbl_client relays.ordb.org
        permit
smtpd_recipient_restrictions =
        permit_sasl_authenticated
        reject_non_fqdn_recipient
        reject_unauth_destination
        permit
smtpd_sender_restrictions =
        permit_sasl_authenticated
        reject_non_fqdn_sender
        reject_unknown_sender_domain
        reject_unauth_destination
        # can't move from here as needs to know sender
        check_policy_service unix:private/postgrey
        permit
smtpd_data_restrictions =
        reject_multi_recipient_bounce
        permit

I've also added the following lines to prevent clients from trying address after address in the same connection:

# Limit the number of addresses the remote server can
# send mail to, also adjusting the error calculation level
smtpd_recipient_limit = 3
smtpd_recipient_overshoot_limit = 1


That helped my server and account greatly with no (apparent) risk to genuine mail either.

--
 Jonathan Wright                                 [EMAIL PROTECTED]
                                               http://djnauk.co.uk

 cat /dev/random (you never know, you may see something you like!)

 2.6.17-gentoo-r3-djnauk-b1 AMD Athlon(tm) XP 2100+
 up 57 days, 17:24, 1 user, load average: 0.78, 0.63, 0.30
--
gentoo-user@gentoo.org mailing list
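
Added example, not part of the original posts: the HELO check asked about in the question, written as the decision logic of a Postfix policy service (the same check_policy_service interface the reply uses for postgrey). The trusted networks, function names and sample requests are assumptions constructed for illustration.

```python
import ipaddress

# Assumptions for this sketch (not from the original posts): the names the
# local MTA itself uses in HELO, and the networks allowed to use them.
OWN_HELO_NAMES = {"jaquet.dk"}
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "192.168.0.0/16")]


def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break  # the empty line terminates the request
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs


def decide(attrs):
    """Return the access action for one parsed request."""
    helo = attrs.get("helo_name", "").strip().rstrip(".").lower()
    try:
        client = ipaddress.ip_address(attrs.get("client_address", ""))
    except ValueError:
        client = None  # e.g. "unknown": treat as untrusted
    trusted = client is not None and any(client in net for net in TRUSTED_NETS)
    if helo in OWN_HELO_NAMES and not trusted:
        return "REJECT HELO name belongs to this server"
    return "DUNNO"  # no opinion: later restrictions decide


def respond(request_text):
    """Full reply in the form Postfix expects: action line plus empty line."""
    return "action=%s\n\n" % decide(parse_request(request_text))


# Constructed sample requests (client addresses are documentation ranges).
BASE = "request=smtpd_access_policy\nprotocol_state=RCPT\n"
FORGED = BASE + "helo_name=JAQUET.DK\nclient_address=203.0.113.7\n\n"
LOCAL = BASE + "helo_name=jaquet.dk\nclient_address=192.168.1.10\n\n"
OTHER = BASE + "helo_name=mail.example.org\nclient_address=198.51.100.4\n\n"

if __name__ == "__main__":
    for req in (FORGED, LOCAL, OTHER):
        print(respond(req).strip())
```

Postfix's check_helo_access lookup table can express the same rule without a separate daemon; either way the check belongs after permit_mynetworks so that local clients are not rejected.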