Using blacklists and RBL's with Postfix

From: Friedrisch Muller (no email)
Date: Sun Sep 01 2002 - 07:27:33 EDT


Hi,

I'm trying to use both blacklists and RBL's to reject
some of the spam. I have configured it as follows in
Postfix 1.1.11:

smtpd_helo_restrictions =
  hash:/etc/postfix/antispam/myown/helo-domain
  hash:/etc/postfix/antispam/monkeys.com/helo-domain

smtpd_client_restrictions =
  permit_mynetworks
  hash:/etc/postfix/antispam/myown/client
  hash:/etc/postfix/antispam/monkeys.com/client
  reject_unknown_client
  reject_maps_rbl
 
smtpd_sender_restrictions =
  hash:/etc/postfix/antispam/myown/sender-domain
  hash:/etc/postfix/antispam/myown/sender-address
  hash:/etc/postfix/antispam/monkeys.com/sender-domain
  hash:/etc/postfix/antispam/monkeys.com/sender-address
  reject_unknown_sender_domain
  reject_non_fqdn_sender
  reject_maps_rbl

maps_rbl_domains =
  relays.ordb.org
  relays.visi.com
  relays.mail-abuse.org
  dialups.mail-abuse.org
  blackholes.mail-abuse.org

smtpd_recipient_restrictions =
  permit_mynetworks
  reject_unauth_destination

As you see I'm using one set of hash-lists that I am
building myself and one set of hash-lists from
monkeys.org that I sync and re-make with a little
script every 10 minutes. What do you think about that,
shouldn't that work?

Maybe someone can answer some of my six questions? :-)

1. Any idea why I only see rejects from my hash-lists,
but not from the RBL's in my /var/log/maillog? What
will the RBL-rejects look like in the log?

2. I am now building up my own list of
sender-mail-addresses that should be rejected. I have
realized that many spammers seem to adjust the
from-address just a little bit like
  
  
Then I think it would be great if one could define
regexps for the sender-mail-addresses that should be
rejected, e.g. morthlp[0-9]*@yahoo.com in this case, is
it possible? How do I write my example regexp so that
it is a correct entry in the hash-table?

3. Can anyone point me to more good RBL's to use than
the ones from ordb.org, visi.com, mail-abuse.org?

4. When clicking around on www.mail-abuse.org I get a
bit confused... can I use their RBL's (like
relays.mail-abuse.org) for free or not? Do I have to
pay them to put my mailserver-IP in some database and
after that I will get correct results from them?

5. Can anyone point me to more good black-lists to
bring home with a cron, like the ones from monkeys.org?

6. On http://www.ordb.org/faq/#usage they write how to
use their RBL (relays.ordb.org) with Postfix... they
write:
  maps_rbl_domains = relays.ordb.org
  smtpd_recipient_restrictions = reject_maps_rbl
But... why should I use the RBL with
smtpd_recipient_restrictions, isn't it better to use
it with smtpd_client_restrictions and
smtpd_sender_restrictions ? Or should I use all three
or only one of them? I feel a bit confused...

Thanks for any help!

          Best regards / Friedrisch

PS. Ralf: Yes I like to spell my alias, hrm, I mean
name with an 's' :) DS.
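
On question 2, an added example that is not part of the original post: a small Python model (not Postfix code) of why a pattern typed into a `hash:` table never matches, while the same pattern in a Postfix `regexp:` table does, and why that pattern should be anchored and escaped. It assumes the simplification that only the full-address key is looked up; the sample addresses are constructed.

```python
import re

# Pattern taken from the post, typed into a hash: source file as if it were a key.
HASH_TABLE = {"morthlp[0-9]*@yahoo.com": "REJECT"}

# Same idea as a regexp: table ("/pattern/ action", one rule per line).
STRICT_TABLE = r"""
# anchored, with the dot escaped
/^morthlp[0-9]*@yahoo\.com$/   REJECT
"""
# The pattern exactly as written in the post: no anchors, unescaped dot.
LOOSE_TABLE = "/morthlp[0-9]*@yahoo.com/ REJECT"


def parse_regexp_table(text):
    """Parse '/pattern/ action' lines into (compiled_pattern, action) rules."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^/(.+)/\s+(\S.*)$", line)
        if m is None:
            raise ValueError("bad rule: " + line)
        # regexp: tables match case-insensitively by default; this pattern
        # has the same meaning in POSIX and Python regular expressions.
        rules.append((re.compile(m.group(1), re.IGNORECASE), m.group(2)))
    return rules


def hash_lookup(table, address):
    """Indexed table: the key is compared literally, never as a pattern."""
    return table.get(address)


def regexp_lookup(rules, address):
    """Regexp table: rules are tried in file order, first match wins."""
    for pattern, action in rules:
        if pattern.search(address):
            return action
    return None


if __name__ == "__main__":
    strict = parse_regexp_table(STRICT_TABLE)
    loose = parse_regexp_table(LOOSE_TABLE)
    for addr in ("morthlp12@yahoo.com", "xmorthlp7@yahooXcom.example"):
        print(addr, hash_lookup(HASH_TABLE, addr),
              regexp_lookup(strict, addr), regexp_lookup(loose, addr))
```

In Postfix the strict rule would live in its own file referenced as a `regexp:` map in `smtpd_sender_restrictions`; the file path is left to the administrator.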
