KLaM Postmaster a écrit :
> Noel Jones wrote:
>> Voytek Eymont wrote:
>>> On Sat, January 24, 2009 1:39 am, Noel Jones wrote:
>>>
>>>> reject_unknown_reverse_client_hostname reject_rbl_client
>>>> zen.spamhaus.org
>>>> {a greylisting policy service}
>>>
>>> Noel,
>>>
>>> is that a good place to add reject_unknown_reverse_client_hostname ?
>>>
>>> smtpd_recipient_restrictions =
>>> permit_sasl_authenticated,
>>> permit_mynetworks,
>>> check_client_access hash:/etc/postfix/pop-before-smtp,
>>> reject_unauth_destination,
>>> check_recipient_access hash:/etc/postfix/recipient_no_checks,
>>> reject_non_fqdn_sender,
>>> reject_non_fqdn_recipient,
>>> reject_invalid_hostname,
>>> reject_non_fqdn_hostname,
>>> reject_unknown_sender_domain,
>>>>>>> reject_unknown_reverse_client_hostname <<<<
>>> reject_unlisted_recipient,
>>> check_sender_access hash:/etc/postfix/freemail_access,
>>> check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,
>>> check_helo_access hash:/etc/postfix/helo_checks,
>>> check_sender_access hash:/etc/postfix/sender_checks,
>>> check_client_access hash:/etc/postfix/client_checks,
>>> check_client_access pcre:/etc/postfix/client_checks.pcre,
>>> reject_rbl_client zen.spamhaus.org,
>>> ....
>>>
>>>
>> Yup, that's fine.
>>
> is there some way of implementing the something like "client_RBL_checks".
> I was thinking that even though the incoming mail has managed to get by
> the various checks by the time the recipient get around to replying the
> senders address may have wound up in spamcop, and if not spamcop some
> other like list.
>
the reply is a different message: you can't infer the "original" client
by checking the response.
you can however greylist the client and hope that it will be listed when
it will retry.
but this won't help with fraud mail sent via gmail, yahoo, hotmail,
$bigisp unless you are willing to block such big ones. Almost all
phishing and 419 mail I see comes from large ISPs that I won't block.
One day, I may add more checks if the client is one of these, but for
now, spamassassin gets most of these (use JM_SOUGHT rules for this. ask
on spamassassin list if you don't know how to get them...).
> just wondering
> JLA.
>
