RE: Using blacklists and RBL's with Postfix

From: Schmehl, Paul L (no email)
Date: Sun Sep 01 2002 - 13:27:37 EDT


I'm using pcre. In main.cf:
body_checks = pcre:$config_directory/body-checks.pcre

These are the last checks I do, because they're the most "expensive" (in
terms of CPU.) So the end of main.cf looks like this:
# Anti-relay and anti-spam stuff
smtpd_junk_command_limit = 5

maps_rbl_domains =
        dynablock.wirehub.net,
        blackholes.wirehub.net,
        dialups.relays.osirusoft.com,
        spamhaus.relays.osirusoft.com,
        relays.ordb.org,
        socks.relays.osirusoft.com,
        proxies.relays.monkeys.com

smtpd_recipient_restrictions =
        permit_mynetworks
        reject_unauth_destination
        check_client_access hash:$config_directory/access
        check_sender_access hash:$config_directory/access
        reject_unauth_pipelining
        reject_non_fqdn_sender
        reject_non_fqdn_recipient
        reject_unknown_sender_domain
        reject_maps_rbl
        permit

header_checks = pcre:$config_directory/header-checks.pcre
body_checks = pcre:$config_directory/body-checks.pcre

(Most of what's in those files is virus blocks, not spam blocks.)

Pcre files are just flat text files using pcre (see
/etc/postfix/README_FILES/PCRE_README and
/etc/postfix/samples/sample-pcre-body.cf as well as man pcre, and don't
forget to compile Postfix with support for pcre.)

Most of the spam is bounced by the rbls. A smaller percentage is
dropped by the access list (I only use that for spammers that use the
same domain.tld all the time.) And every once in a while, the body
checks catch one. Today, I bounced one because of the |good\sporn|
filter. I've moved most of the domain.tld stuff to the access list,
because it's faster and you can reject the mail. The ones left in body
checks are ones that appear in the body of messages with consistently
forged headers (like extremewebcam.) Header and body checks have to
accept "DATA" before they can work.

And BTW, I picked up almost *all* of this right here on this list, with
the help of people like Ralf Hildebrandt and Eric (Cybertime Hostmaster)
and Noel Jones and Gary Woods and Clifton Royston. Some I shamelessly
ripped off from our postmaster, Amos Gouaux, and a very small percentage
(the body checks) I created myself based on my "spam collection" and
what was making it through the gauntlet of other checks.

Paul Schmehl
Project Coordinator
University of Texas at Dallas
http://www.utdallas.edu/~pauls/
AVIEN Founding Member

> -----Original Message-----
> From: Patrick McKane [mailto:]
> Sent: Sunday, September 01, 2002 12:10 PM
> To:
> Subject: RE: Using blacklists and RBL's with Postfix
>
>
> Do you build a .db with this? How do you incorporate it into
> the main.cf?
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
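
Added example (not part of the original post and not Postfix code): a small Python model of how a flat-text pcre body_checks table like the one described above is read and applied, with no .db build step. Python's re module stands in for PCRE, and every name and sample rule except the good\sporn pattern is constructed for illustration.

```python
import re

# Constructed sample in Postfix pcre table layout: /pattern/flags action.
# Only good\sporn comes from the post; the other rules are made up.
SAMPLE_TABLE = r"""
# body-checks.pcre (constructed sample)
/good\sporn/            REJECT
/^SUBSCRIBE NOW$/i      REJECT case-sensitive rule
/spam-domain\.example/
    REJECT forged-header spam domain
"""

RULE = re.compile(r"/((?:\\.|[^/\\])*)/([a-zA-Z]*)\s+(.*)$")

def parse_pcre_table(text):
    """Return [(compiled_regex, action)] in file order."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue                      # blank lines and comments are ignored
        if raw[0].isspace() and logical:  # leading whitespace continues a rule
            logical[-1] += " " + raw.strip()
        else:
            logical.append(raw.strip())
    rules = []
    for line in logical:
        m = RULE.match(line)
        if not m:
            raise ValueError(f"unsupported rule: {line!r}")
        pattern, flags, action = m.groups()
        # Postfix matches case-insensitively by default; the i flag toggles it off.
        re_flags = 0 if "i" in flags else re.IGNORECASE
        rules.append((re.compile(pattern, re_flags), action.strip()))
    return rules

def check_body(rules, body):
    """Test one body line at a time; the first matching rule decides.
    Returns (line_number, action) or None. Only REJECT-style actions are modelled."""
    for lineno, line in enumerate(body.splitlines(), 1):
        for regex, action in rules:
            if regex.search(line):
                return lineno, action
    return None

if __name__ == "__main__":
    rules = parse_pcre_table(SAMPLE_TABLE)
    print(check_body(rules, "hello\nGOOD PORN here"))  # match on line 2
    print(check_body(rules, "good\nporn"))             # split across lines: no match
```

On a live server the real table can be queried with postmap -q "test string" pcre:/etc/postfix/body-checks.pcre, assuming the config directory is /etc/postfix.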







