On Jan 15, 2008, at 11:23 PM, Heiko Wundram (Beenic) wrote:
Am Dienstag, 15. Januar 2008 19:08:39 schrieb Chuck Swiger:
You didn't mention which mailserver or greylist software you are
using, but the postgrey implementation (for use with Postfix) has
this
in postgrey_whitelist_clients:
# greylisting.org: Yahoo Groups servers (no retry)
scd.yahoo.com
...and you could choose to whitelist all of yahoo.com just as easily.
I am using Postfix, but not postgrey, rather postfix-policyd, which
does
whitelisting of hosts based on IPs of the connecter. postfix-policyd
comes
with three blocks of IPs for the Yahoo Groups mailservers in the
default
whitelist, but none of the IPs I mentioned in my original mail falls
into
those groups.
OK. I use policy-weightd also; it doesn't greylist entries precisely,
but instead does RBL lookups and some checking of forward and reverse
DNS lookups, and then caches those results for a while. It will do a
good job of rejecting people claiming to send mail from a Yahoo
account if they do not use a mailserver in the yahoo.com domain:
Jan 16 03:21:52 <mail.info> pi postfix/smtpd[47289]: connect from
unknown[201.210.144.157]
Jan 16 03:21:54 <mail.info> pi postfix/policyd-weight[4912]: decided
action=450 temporarily blocked because of previous errors - retrying
too fast. penalty: 30 seconds x 0 retries.; delay: 0s
Jan 16 03:21:54 <mail.info> pi postfix/smtpd[47289]: NOQUEUE: reject:
RCPT from unknown[201.210.144.157]: 450 <[EMAIL PROTECTED]>:
Recipient address rejected: temporarily blocked because of previous
errors - retrying too fast. penalty: 30 seconds x 0 retries.; from=<
[EMAIL PROTECTED]> to=<[EMAIL PROTECTED]> proto=ESMTP
helo=<dC9D2909D.dslam-13-9-34-06-2-02.alf.dsl.cantv.net>
Jan 16 03:21:55 <mail.info> pi postfix/smtpd[47289]: lost connection
after DATA from unknown[201.210.144.157]
...but almost always, this is forged email being sent as spam to
accounts which don't exist in my local domain, so it seems to be doing
the right thing here.
Sorry for underspecifying my requirements, but that's the reason I
was asking
specifically. I knew about the postgrey whitelist entry you mentioned.
Right. Well, if you have some sample log lines from a known legit
sender which were being blocked, that would be helpful...
--
-Chuck
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
