Hi all!

I'm seeing a huge quantity of spam this week (~156K messages), all from SMTP addresses that begin with '0-', like:

    from=<0...@cancer.org>
    from=<0-1z3ize-...@bxbmail.de>
    from=<0...@carnival.com>
    from=<0-gentil...@aditi.com>
    from=<0-happy-1...@msf.biglobe.ne.jp>
    from=<0-downl...@soundviewmortgage.com>

I tried to reject them by writing a simple rule in my smtpd_sender_checks by simply appending 0- at the beginning of a new line, but for some reason it isn't matching the pattern, and the messages end up getting rejected by my RBL provider. Anyway, I want to avoid doing RBL checks for this case. Any ideas why my rule isn't working? Any suggestions on how to write a filter for this pattern?

TIA!

PS: some more info:

    $ /usr/sbin/postconf -m
    btree
    cidr
    environ
    hash
    internal
    ldap
    nis
    proxy
    regexp
    static
    tcp
    unix

    $ /usr/sbin/postconf mail_version
    mail_version = 2.7.3

smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_invalid_helo_hostname,
    reject_non_fqdn_helo_hostname,
#   warn_if_reject reject_unknown_helo_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
#   reject_unknown_sender_domain,
#   reject_unknown_recipient_domain,
    reject_unauth_destination,
    check_client_access hash:$config_directory/maps/smtpd_client_checks,
    check_helo_access hash:$config_directory/maps/smtpd_helo_checks,
    check_sender_access hash:$config_directory/maps/smtpd_sender_checks,
    check_sender_access regexp:$config_directory/maps/smtpd_sender_checks.regexp,
    check_recipient_access hash:$config_directory/maps/smtpd_recipient_checks,
    reject_non_fqdn_hostname,
    reject_unverified_recipient,
    reject_rbl_client zen.spamhaus.org,
    reject_rbl_client b.barracudacentral.org,
    reject_rbl_client psbl.surriel.com,
    reject_rbl_client bl.spamcop.net,
    reject_rhsbl_client rhsbl.sorbs.net,
    check_sender_access hash:$config_directory/maps/forged_domain_senders,
    check_policy_service inet:127.0.0.1:10023,
    permit

smtpd_data_restrictions =
    warn_if_reject reject_unauth_pipelining,
    permit
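
Added example, not part of the original post: a simplified Python model of how Postfix looks up a sender in an indexed (hash:) access table versus a regexp: table, following access(5). It assumes the '0-' line was added to the hash: smtpd_sender_checks map; the function names, sample addresses and REJECT text are constructed for illustration.

```python
import re

def access_keys(sender):
    """Keys tried for an address in an indexed (hash:) access table, per access(5):
    the full address, the domain and its parent domains, then localpart@.
    Simplified model (assumption): address extensions are not handled."""
    addr = sender.lower()
    local, _, domain = addr.rpartition("@")
    labels = domain.split(".")
    parents = [".".join(labels[i:]) for i in range(len(labels))]
    return [addr] + parents + [local + "@"]

def hash_lookup(table, sender):
    """Exact-key lookup only: a key never acts as a prefix or pattern."""
    for key in access_keys(sender):
        if key in table:
            return table[key]
    return None

def regexp_lookup(rules, sender):
    """regexp: tables apply each pattern to the whole address; first match wins."""
    for pattern, action in rules:
        if pattern.search(sender):
            return action
    return None

# The rule as described in the post, placed in the hash: map (assumption).
HASH_TABLE = {"0-": "REJECT"}
# The same intent written as a pattern for the regexp: map.
REGEXP_RULES = [(re.compile(r"^0-", re.IGNORECASE), "REJECT sender starts with 0-")]

# Constructed sample senders, not taken from the post.
SAMPLES = ["0-sample-123@example.com", "alice@example.com", "user0-@mail.example.net"]

def compare(samples):
    """Return (sender, hash result, regexp result) for each sample."""
    return [(s, hash_lookup(HASH_TABLE, s), regexp_lookup(REGEXP_RULES, s))
            for s in samples]

if __name__ == "__main__":
    for sender, by_hash, by_regexp in compare(SAMPLES):
        print(f"{sender:28} hash={by_hash!s:8} regexp={by_regexp}")
```

In Postfix itself the pattern form belongs in the regexp: map (smtpd_sender_checks.regexp in the configuration above), and `postmap -q` can be used to test a lookup against either table.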