On 7/12/2010 8:28 PM, Eric Shubert wrote:
If all of your submissions come from authenticated connections (which they should), you can blacklist your own domain. I know this sounds counter-intuitive, but since all of your domains authenticate, the only rejections will be those who claim to come from your domain but fail to authenticate, since authenticated connections pass all filters. It works well to block all spam that forges your domain in the sender's address.

There may be a small problem with this, but it should not be a major issue. Most, not all, of my customers have their mail client "authentication required" box unchecked if they are INSIDE my network, but if they are outside of my network they must have this checked. For example, I own the 208.44.160.xxx/24, 63.147.8.0/23, 65.44.158.0/23 and 63.144.48.0/24 networks, and they are all on my wireless topology. If my customers are home on these networks then the only path out is through my data center, which has the main DNS and MX services. If they are not home, say on vacation, then they must set this box for authentication. Two years ago we started setting this by default. So there may be a few still out there with this not checked. I am not scared to list my nets because I do welcome an attack from outside. I do love my iptables and the unix scripting in image stream :)

Note, if you use squirrelmail, you should modify your SM configuration to authenticate smtp submissions, and probably use port 587 as well (instead of the default port 25). The stock squirrelmail configuration does not authenticate by default.

Already configured this and it works great :)

In case all of your submissions aren't authenticated (perhaps you have a web app that doesn't authenticate), the new version of spamdyke (v4.1.0, just released a week or so ago) contains a new option that will reject emails where the sender and recipient addresses are the same. This is often the case with such spam, and is the next best thing to blacklisting your own domain.

FWIW, when you use qtp-install-spamdyke to upgrade to the latest spamdyke version, it will now also install qtp-prune-graylist so your graylist stays pruned optimally. You should be sure to have the latest qmailtoaster-plus package installed before upgrading spamdyke:
# yum update qmailtoaster-plus
# qtp-install-spamdyke

You can also use badmailto for restricting some of these spam messages that contain numbers. See http://wiki.qmailtoaster.com/index.php/Account_verification_using_badmailto but I expect this would not be necessary if you're blacklisting your domain(s).

The blacklist_rdns would be the place to list my domain?
--Dave
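
A small model of the filtering order discussed in this thread, added here as an illustration; it is not code from the thread or from spamdyke. It shows why blacklisting your own domain only hits unauthenticated senders, and what happens to on-network clients that still submit without authentication. All names, the domain, the addresses and the `whitelist_trusted_nets` switch are assumptions made for the example.

```python
import ipaddress

# Constructed sample values (documentation ranges, not the networks in the thread).
LOCAL_DOMAINS = {"example.com"}
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]


def domain_of(address):
    """Return the lowercased domain part of an envelope address."""
    return address.rpartition("@")[2].lower()


def check(client_ip, authenticated, mail_from, rcpt_to,
          blacklist_own_domain=True, reject_identical=True,
          whitelist_trusted_nets=False):
    """Return (decision, reason) for one SMTP envelope."""
    # Authenticated submissions bypass every filter below.
    if authenticated:
        return ("accept", "authenticated")
    # Assumed exemption for on-network clients that do not authenticate.
    ip = ipaddress.ip_address(client_ip)
    if whitelist_trusted_nets and any(ip in net for net in TRUSTED_NETS):
        return ("accept", "trusted network")
    # Own domain blacklisted: an unauthenticated sender may not claim it.
    if blacklist_own_domain and domain_of(mail_from) in LOCAL_DOMAINS:
        return ("reject", "unauthenticated sender claims local domain")
    # Fallback when the domain is not blacklisted: sender equals recipient.
    if reject_identical and mail_from.lower() == rcpt_to.lower():
        return ("reject", "sender equals recipient")
    return ("accept", "passed")


if __name__ == "__main__":
    samples = [  # constructed envelopes: (ip, authenticated, MAIL FROM, RCPT TO)
        ("203.0.113.9", False, "bob@example.com", "bob@example.com"),
        ("203.0.113.50", True, "bob@example.com", "carol@example.net"),
        ("192.0.2.77", False, "bob@example.com", "carol@example.net"),
        ("198.51.100.4", False, "alice@example.net", "bob@example.com"),
    ]
    for s in samples:
        print(s, "->", check(*s))
```

With the defaults, the third sample (an on-network client without authentication) is rejected, which is the case raised in the reply above.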

