Steve Jenkins put forth on 10/19/2010 11:12 PM:
> Stan Hoeppner said:
>> This will probably be a big help to Steve.
>
> Thanks, Stan. That fqrdns.pcre file rocks. Is that something you created?
> May I share the link with others?

Glad it's working well for you. That file was donated to me via an anonymous poster to the spam-l mailing list quite some time ago during one of our discussions on blocking dyn/generic PTRs. I'm pretty sure he is a mail OP at one of the larger US ISPs. My only contribution to that file so far is the very last expression that blocks a snowshoe spammer I came across. Normally I block snowshoe spammers via netblock with a CIDR file. IIRC that spammer has his machines spread out across a couple dozen ISPs. But since he's using multiple variations of the same domain name, I wrote that expression to block it all.

Share it as far and wide as you like. I've been sharing it here and other places for some time.

> I had already added the spamhaus DBL checks (after Jeroen nudged me toward
> their Zen IP blocklist), but Surriel PSBL is new to me and I'll check that
> out now. I also just Googled postgrey and will check that out as well.

There are other good greylisting policy daemons and milters for Postfix. I simply mentioned Postgrey as that's what I use and it seems to work decent.

> Thanks again - your post WAS a big help. I appreciate it.

You're welcome. Have you tried Sahil Tandon's checkdbl.pl header check daemon yet? I intentionally avoided mentioning it previously as I wasn't sure if you were up to something like that yet. It requires modifying master.cf as well as main.cf. It scans headers for all domain names and then queries Spamhaus DBL, URIBL, and SURBL for those domains, then rejects the connection on a hit. This works very well for some sites. It's probably not going to catch a ton of stuff, but it can catch stuff that smtpd level checks don't.

http://people.freebsd.org/~sahil/scripts/checkdbl.pl.txt

--
Stan
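
The header check described in the message above (collect the domain names in the headers, query Spamhaus DBL, URIBL and SURBL for each, report a hit), as an added Python example; it is not part of the original message and is not Sahil Tandon's checkdbl.pl. The function names, the sample message, the offline resolver and the simplified return-code handling are assumptions.

```python
import re
import socket
from email import message_from_string

# Domain blocklist zones for the three lists named in the message.
ZONES = ("dbl.spamhaus.org", "multi.uribl.com", "multi.surbl.org")
DOMAIN_RE = re.compile(
    r"\b((?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,})\b", re.I)

def header_domains(raw_message):
    """Return the lower-cased domain names found in any header value."""
    msg = message_from_string(raw_message)
    return {d.lower() for _name, value in msg.items()
            for d in DOMAIN_RE.findall(value)}

def dns_lookup(qname):
    """Default resolver: A records for qname, or [] when nothing is listed."""
    try:
        return socket.gethostbyname_ex(qname)[2]
    except OSError:
        return []

def is_listing(answers):
    # Assumption: 127.0.x.x is a listing, except 127.0.0.1 (query refused);
    # 127.255.255.x answers are resolver errors. Check each list's docs.
    return any(a.startswith("127.0.") and a != "127.0.0.1" for a in answers)

def check_headers(raw_message, resolver=dns_lookup):
    """Return (domain, zone) pairs for each header domain listed in a zone."""
    hits = []
    for domain in sorted(header_domains(raw_message)):
        for zone in ZONES:
            if is_listing(resolver(f"{domain}.{zone}")):
                hits.append((domain, zone))
    return hits

# Constructed sample message and constructed zone data (not real listings).
SAMPLE = (
    "Received: from mail.bad-example.test (unknown [192.0.2.10])\n"
    "From: Offers <promo@bad-example.test>\n"
    "Reply-To: sales@clean-example.test\n"
    "\nbody text is not scanned\n"
)
FAKE_ZONE_DATA = {"bad-example.test.dbl.spamhaus.org": ["127.0.1.2"]}

def fake_resolver(qname):
    return FAKE_ZONE_DATA.get(qname, [])

if __name__ == "__main__":
    for domain, zone in check_headers(SAMPLE, fake_resolver):
        print(f"REJECT: header domain {domain} is listed in {zone}")
```

Domain blocklists are keyed on the registered domain, so a production check would reduce a hostname such as mail.bad-example.test to bad-example.test before querying rather than sending every name as found.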