On 5/26/2010 2:34 PM, brian wrote:
On 10-05-26 03:24 PM, Ansgar Wiechers wrote:
On 2010-05-26 Ralf Hildebrandt wrote:
Shouldn'T you use at least ONE RBL?
Probably wouldn't hurt, but unless he's trying to fight off spam sent to
valid users (which according to his description doesn't seem to be the
case) he could go without as well.
Correct. The SPAM problem is not directed at legitimate accounts (yet).
All of these rejections are for fictitious accounts under the .com
domain. I don't want to accept anything at all for that domain. However,
I must keep the domain pointed at this new server in order to catch web
traffic and redirect it.
b
Some random suggestions...
Use a bogus MX record for the old domain if that domain has no
valid mail recipients. Of course, some bots will connect to
your A record anyway...
You can use "reject_unlisted_recipient" early in your
smtpd_recipient_restrictions to dump connections to bad users
early. A later RBL check will only apply to valid recipients.
Set smtpd_hard_error_limit to a low number, such as 2, to
disconnect clients after just a few errors.
Set smtpd_error_sleep_time to 0 to get rid of bad clients
without delay.
I'll bet the postfix 2.7 "postscreen" feature will get rid of
1/2 or more of the bots before they every talk to you.
Postfix 2.7 allows you to specify 521 for the various
*_reject_code parameters to signal a disconnect.
Increase the max number of smtpd listeners in master.cf to the
highest number your memory will allow.
-- Noel Jones
