On Thu, 2009-06-18 at 10:07 -0500, Noel Jones wrote: > Steve wrote: > > Hi List, > > > > What is the quickest, easiest (and scriptable) way to have Postfix > defer > > everything with a 4xx error. It's an extension to my 'after > midnight' > > tests. Not allowing any connections is fine, but I would prefer to > > reject with a custom 4xx message such as "GO AWAY - IT'S AFTER > MIDNIGHT > > -- COME BACK IN THE MORNING" > > > > It's an odd request to be able to 'offline' with a defer so I won't > be > > surprised if I can't do it, but I would be Cindy Ecstacy Ecstatic if > I > > could. > > > > TIA. > > Steve. > > > > > # /etc/postfix/deferall.regexp > /^/ DEFER Please try again during business hours > > (this assumes you aren't using "smtpd_client_restrictions" in > your current main.cf. You can substitute any > smtpd_*_restrictions section you aren't currently using) > two commands to defer everyone with a custom message: > postconf -e > 'smtpd_client_restrictions=regexp:/etc/postfix/deferall.regexp' > postfix reload > > two commands to enable mail: > postconf -e 'smtpd_client_restrictions=' > postfix reload > > and you can skip the "postfix reload" if you don't mind "lazy" > implementation. Postfix will pick up the changes to > smtpd_client_restrictions as smtpd processes are replaced. > > > Some notes: > - this should be effective in stopping most "botnet" spam, but > no more so than greylisting. > - this will delay legit mail that arrives during the "after > hours" timeframe. The length of delay is controlled by the > sender, and could be significant. > - this won't have any effect on spammers that retry; it will > just delay their delivery along with the legit mail. > > My recommendation is to just implement greylisting and skip > this nonsense. > > > -- Noel Jones I'm not so sure it's nonsense. Look at it this way if the office is closed there is nobody there to deal with email. So it's pointless to accept it. Trawling my logs I can just see the same old UK spammers knocking away all night. They are blocked anyway, but it I like to play and test. Basically sending an email outside of business hours does not get a quicker reply so I think it's valid to test this angle. Grey listing is something I am no fan of.
I am using client restrictions, but I can just as easily 'swap' the conf file around with a script. You've hit the nail right on the head Noel and I appreciate your help. Thank you. Steve.
