John Beaver wrote: > Leonardo Rodrigues Magalhães wrote: > >> Hello Guys, >> >> My policyd is being called on smtpd_recipient_restrictions for >> greylist and some other features. My smtpd_recipient_restrictions is >> configured like this: >> >> smtpd_recipient_restrictions = >> reject_unknown_recipient_domain, >> permit_sasl_authenticated, >> permit_mynetworks, >> reject_unauth_destination, >> reject_unlisted_recipient, >> check_policy_service inet:127.0.0.1:10031 >> >> I can watch several IP trying to harvest my server, trying to send >> email to several unknown users. But, i suppose, they are not being >> greylisted/blacklisted because reject_unauth and reject_unlisted are >> listed BEFORE the check_policy_service, which actually calls policyd. >> >> Question is ..... having check_policy_service right after >> permit_mynetworks would allow connections trying to send email to >> unknown users to be greylisted ? I was thinking on having this: >> >> smtpd_recipient_restrictions = >> reject_unknown_recipient_domain, >> permit_sasl_authenticated, >> permit_mynetworks, >> check_policy_service inet:127.0.0.1:10031, >> reject_unauth_destination, >> reject_unlisted_recipient >> >> Would that be OK ? >> > > Will it work, yes. But what are you expecting to accomplish with this > change? > As he mentioned above, what he expects to accomplish, is to greylist the connections which are trying to harvest addresses by running the dictionary attacks.
Joe ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ policyd-users mailing list policyd-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/policyd-users
