On Mon, Jun 1, 2015 at 12:58 PM, Elijah Savage <esav...@digitalrage.org> wrote:
> Again thanks for all the great recommendations, I now have a few ways of > trying to combat this if my plan doesn't work. > > I have a utilized my spam filtering agent combined with a no rDNS rule and > increased the score of that rule. > > If this along with DNSRBL doesn't work then I will give some of the others > a try. This is expanding a bit on Elijah's OP, but here are my current restrictions that I've been running for a while: smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, permit_dnswl_client list.dnswl.org=127.0.[2..14].[2..3], reject_invalid_helo_hostname, warn_if_reject reject_unknown_helo_hostname, warn_if_reject reject_non_fqdn_helo_hostname, reject_unknown_reverse_client_hostname, check_reverse_client_hostname_access pcre:/etc/postfix/fqrdns.pcre, check_helo_access hash:/etc/postfix/helo_access, check_sender_access hash:/etc/postfix/sender_access, reject_rbl_client zen.spamhaus.org, reject_rhsbl_client dbl.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org, reject_rhsbl_helo dbl.spamhaus.org, permit smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination Sanity checks welcome. :) SteveJ