Darren Pilgrim a écrit :
> Paweł Leśniak wrote:
>> The worst is I also have ~500 IPs which I can't tell from logs
>> (sender, recipient, ip, helo)
>> whether I want those messages or not.
>
> They will filter themselves for you. Legitimate MTAs will retry dozens
> to hundreds of times in 24 hours
Paweł Leśniak wrote:
The worst is I also have ~500 IPs which I can't
tell from logs (sender, recipient, ip, helo)
whether I want those messages or not.
They will filter themselves for you. Legitimate MTAs will retry dozens
to hundreds of times in 24 hours; however, zombies will only a try fe
mouss pisze:
Paweł Leśniak a écrit :
mouss pisze:
reject_unknown_helo_hostname would indeed be too aggressive. but you
could use restriction classes and only call it if the sender is null
(<>).
or you could run aggressive checks if the client has a "generic" reverse
dns. or in this par
Paweł Leśniak a écrit :
> mouss pisze:
>>
>> reject_unknown_helo_hostname would indeed be too aggressive. but you
>> could use restriction classes and only call it if the sender is null
>> (<>).
>>
>> or you could run aggressive checks if the client has a "generic" reverse
>> dns. or in this partic
mouss pisze:
reject_unknown_helo_hostname would indeed be too aggressive. but you
could use restriction classes and only call it if the sender is null (<>).
or you could run aggressive checks if the client has a "generic" reverse
dns. or in this particular case, simply reject *.rev.dynxnet.com
Jim Wright pisze:
On Jan 26, 2009, at 4:05 PM, Paweł Leśniak wrote:
I may be wrong, but I think I should not block sender on helo basis?
Most of what will be blocked are zombie systems that send no
legitimate mail, a very small number of legitimate mails 'may' be
blocked. It's a personal p
Paweł Leśniak a écrit :
> Jim Wright pisze:
>>> Jan 26 13:05:42 mail postfix/policy-spf[2500]: : Policy
>>> action=PREPEND Received-SPF: none (server.hipwah.com: No applicable
>>> sender policy available) receiver=mail.example.com; identity=helo;
>>> helo=SERVER.hipwah.com; client-ip=202.134.118.11
Paweł Leśniak a écrit :
> mouss pisze:
>> if all outbound mail goes via your server, you can use "poorman BATV".
>> for example: use smtp_generic to rewrite j...@example.com to say
>> joe+bou...@example.com, where '+' is your extension delimiter.
>>
>> then you can reject mail from the null sender
On Jan 26, 2009, at 4:05 PM, Paweł Leśniak wrote:
I may be wrong, but I think I should not block sender on helo basis?
Most of what will be blocked are zombie systems that send no
legitimate mail, a very small number of legitimate mails 'may' be
blocked. It's a personal preference, I boun
mouss pisze:
if all outbound mail goes via your server, you can use "poorman BATV".
for example: use smtp_generic to rewrite j...@example.com to say
joe+bou...@example.com, where '+' is your extension delimiter.
then you can reject mail from the null sender if it is not sent to a
/\+bou...@examp
Jim Wright pisze:
Jan 26 13:05:42 mail postfix/policy-spf[2500]: : Policy
action=PREPEND Received-SPF: none (server.hipwah.com: No applicable
sender policy available) receiver=mail.example.com; identity=helo;
helo=SERVER.hipwah.com; client-ip=202.134.118.114
reject_unknown_hostname
SERVER.hip
On Jan 26, 2009, at 10:12 AM, Paweł Leśniak wrote:
Jim Wright pisze:
On Jan 26, 2009, at 7:41 AM, Paweł Leśniak wrote:
One of our users is getting lots of returned mails because his
email address is used as return-path by spammer(s).
I would guess that your system accepting mail from unkno
Paweł Leśniak a écrit :
> mouss pisze:
>> This doesn't mean all your users mail has such message-id's:
>> - the message-id is added by the MUA. so if the MUA is named
>> joe.my.computer, the message-id will use this instead of example.com.
>>
>> - if your users post from other servers (their ISP, h
mouss pisze:
This doesn't mean all your users mail has such message-id's:
- the message-id is added by the MUA. so if the MUA is named
joe.my.computer, the message-id will use this instead of example.com.
- if your users post from other servers (their ISP, hotel, ...), the
message-id may be that
Paweł Leśniak a écrit :
> Hello,
>
> One of our users is getting lots of returned mails because his email
> address is used as return-path by spammer(s).
> After reading BACKSCATTER_README I'm almost sure I should have some
> body_checks to check against Message-ID and Return-path values.
>
> As
Chris Babcock pisze:
On Mon, 26 Jan 2009 08:52:00 -0600
Jim Wright wrote:
On Jan 26, 2009, at 7:41 AM, Paweł Leśniak wrote:
One of our users is getting lots of returned mails because his
email address is used as return-path by spammer(s).
I would guess that your system accepti
On Mon, 26 Jan 2009 08:52:00 -0600
Jim Wright wrote:
> On Jan 26, 2009, at 7:41 AM, Paweł Leśniak wrote:
>
> > One of our users is getting lots of returned mails because his
> > email address is used as return-path by spammer(s).
>
> I would guess that your system accepting mail from unknown se
Jim Wright pisze:
On Jan 26, 2009, at 7:41 AM, Paweł Leśniak wrote:
One of our users is getting lots of returned mails because his email
address is used as return-path by spammer(s).
I would guess that your system accepting mail from unknown servers?
Start blocking those, and you'll find th
On Jan 26, 2009, at 7:41 AM, Paweł Leśniak wrote:
One of our users is getting lots of returned mails because his email
address is used as return-path by spammer(s).
I would guess that your system accepting mail from unknown servers?
Start blocking those, and you'll find that these bounces
19 matches
Mail list logo