From: David Landgren (no email)
Date: Tue Jun 01 2004 - 05:04:48 EDT
Philip Hallstrom wrote:
>
> On Fri, 28 May 2004 wrote:
>
>
>>Zitat von Philip Hallstrom <>:
>>
>>
>>>Hi -
>>> I'm looking into some of the greylisting options out there and
>>>they look pretty nifty. One thing I'm concerned about though is
>>>legitimate email sent from badly configuring mailers that don't attempt to
>>>resend as described here:
>>>
>>>http://www.greylisting.org/whitelisting.html
>>>
>>>The only one that really concerns me is the amazon.com listings.
>>>
>>>So here's my question... for those of you who have implemented
>>>greylisting, have you found this to be an issue? Or by adding these IP's
>>>and domains to the whitelist are things still okay.
>>
>>Do something like this :
>>
>>smtpd_recipient_restrictions =
>> reject_unauth_destination,
>>
>> .... (some other stuff)
>>
>> check_client_access hash:/etc/postfix/client-access,
>>
>> ..... (maybe some RBL)
>>
>> reject_unlisted_recipient,
>> check_policy_service (your prefered greylisting serevr)
>>
>>
>>In check client access you can list some sources you don't want to greylist like
>>this.
>>
>>amazon.com OK
>
>
> That works as long as you know what domains to accept from, but what if
> you don't know that list? I'm wondering if there's a master list of
> problematic servers out there? I've searched, but haven't hit anything
> yet...
In http://spf.pobox.com/objections.html in the section it says "Yahoo
Groups does not respect transient failure errors --- it treats them as
permanent." I don't know if this was ever true or still is, but that's
another site you should check.
David
> thanks -philip
>
--
Commercial OS breeds commerce, whereas free OS breeds freedom,
the only thing more dangerous and confusing than commerce.
-- Michael R. Jinks, redhat-list, circa 1997
|
|
|