Hello,
I have the following filters in smtpd.conf to cut the hosts sending SPAM:
filter no_dyndns \
phase connect \
match rdns regex { \
'.*\.dyn\..*', '.*\.dsl\..*', \
'([0-9]{1,3}\.){3}.*', \
'([0-9]{1,3}-){3}.*' \
} \
disconnect "550 We do not accept mail from dynamic IPs"
filter no_rdns \
phase rcpt-to \
match !rdns \
disconnect "451 Sending server has no reverse DNS (PTR record)"
filter no_fcrdns \
phase rcpt-to \
match ! fcrdns \
disconnect "451 No Forward Confirmed Reverse DNS. Please contact your
e-mail administrator"
and then
listen on 0.0.0.0 port 25 tls pki mail.svyrydiuk.eu \
ca cafile \
hostname "mail.svyrydiuk.eu" \
filter { no_dyndns, no_rdns, no_fcrdns }
On Wed, Apr 05, 2023 at 02:37:25AM +0000, Mik J wrote:
> Hello,
> Sometimes I'm getting spam because I have a weakness in my configuration
> At the moment I have
> action TO-CLAM_SMTPD_IN relay host smtp://127.0.0.1:10027
> match from src <clients> for domain <domaines> action TO-CLAM_SMTPD_IN
> match from any for domain <domaines> action TO-CLAM_SMTPD_IN
> The table clients is a file that contains IPs including 127.0.0.1, the table
> domaines is a list of domains that I host on my mail server
>
> My problem is that a spammer is able to send mails to me when it uses a
> domain that I host.For example, the file domaines contains mydomain1.org and
> mydomain2.orgThe spammer doesehlo emtpmail from:
> <existing-mailbox-such-as-i...@mydomain2.org>rcpt to: <m...@mydomain1.org>data
> subject: This is a spam
> Spamspamspam
> .
>
> So I would tend to write a rule such asmatch ! from domain <domaines> for
> domain <domaines> action TO-CLAM_SMTPD_INConsidering that users that write
> from mydomain2.org to mydomain1.org match the first rule since they are local
> or authenticated or coming from one of the known IPs.But this rule is not
> correct
>
> Thank you
--
with best regards,
Slavik Svyrydiuk
