On Friday 10 December 2004 00:39, Mark Bucciarelli <[EMAIL PROTECTED]> wrote: > I've recently turned on EHLO/HELO validation and am encouraged by how > effective it is. WIth RBL's (spamcop and dnsbl) and SpamAssassin 3, only > 88% of spam was stopped. So far, it's 100%. (This is a _very_ small
What exactly do you mean by EHLO/HELO validation? In my postfix configuration I have: smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_hostname, reject_unknown_sender_domain I tried out "reject_unknown_hostname" but had to turn it off, too many machines had unknown hostnames. For example a zone foo.com has a SMTP server named postfix1 and puts postfix1.foo.com in the EHLO command but has an external DNS entry of smtp.foo.com. Such a zone is moderately well configured and there are too many such zones to block them all. The other helo restrictions get enough non-spam traffic. Using reject_unknown_hostname would get close to blocking 100% of spam, but that's because it would block huge amounts of non-spam email. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
