nastvenie postfixu a SPAM
Jan Rusnak
jx06 na felis.sk
Úterý Červen 20 10:46:57 CEST 2006
Zdravim,
robil som experimenty s nastavenim Postfixu z dovodu znizenia poctu
prijatych spamov, a prisiel som k tomuto nastaveniu:
- "smtpd_client_restrictions = reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client combined.njabl.org"
Blokovanie klientov z dynamickych IP, a spam, openrelay, a.d.t IP.
- "smtpd_recipient_restrictions = reject_non_fqdn_recipient,
reject_unknown_recipient_domain, reject_unauth_destination"
Kontrola adr. recipienta.
- "smtpd_sender_restrictions = permit_mynetworks,
reject_non_fqdn_sender, reject_unknown_sender_domain"
Kontrola adr. odosialatela.
- Dalej sa vyzaduje HELO sequencia
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_hostname, reject_non_fqdn_hostname
Celkovo toto nastavenie v spolupraci zo spamassassinom znizilo pocet
spamov skoro na nulu, problem je ze sa obcas noduruci aj regulerna posta.
Problematicke je hlavne nastavenie reject_non_fqdn_hostname,
RFC 821 vyzaduje pre HELO "HELO <SP> <domain> <CRLF>", a je dost
serverov ktore nepouziju parameter domain ale napr. iba hostname.
Zaujimalo by ma ako mate tieto zelezitosti nastavene ... (restrikcie na
urovni smtp.)
--
JR
----------------------
JAN RUSNAK
<jx06 na felis.sk>
phone: +421 903 550345
----------------------
Další informace o konferenci Linux