On Sunday, December 18, 2011 at 08:41:48 UTC, to...@ozses.net confabulated:
> On 18 December 2011 00:34, Stan Hoeppner <s...@hardwarefreak.com> wrote: >> On 12/17/2011 2:32 PM, Ansgar Wiechers wrote: >> > On 2011-12-17 Tolga wrote: >> >> I've been getting a lot of Chinese spam. I've googled and come across >> >> a guide that advises to use a cidr file and tell postfix to use it. I >> >> got the file, edited it, and told postfix to use it. However, it >> >> doesn't seem to be working (I tested it by putting in my own IP >> >> address). How can I fix it? Below is my postconf -n: >> >> >> >> [root@bilgisayarciniz ~]# postconf -n >> > [...] >> >> smtpd_client_restrictions = check_client_access >> >> cidr:/etc/postfix/sinokorea.cidr >> > >> > Move the check_client_access restriction to >> $smtpd_recipient_restrictions. >> >> This alone won't help. The OP said he tested by plugging his own IP >> address into the CIDR table. If he inserts this restriction after >> permit_mynetworks his test still won't work. This is not a valid way to >> test a CIDR table BTW. >> >> Tolga, first, are you certain this "Chinese spam" is coming from Chinese >> IP addresses? Check your mail log for connections from one of these >> addresses and confirm the IP is assigned to a Chinese entity, using the >> whois command. Then plug that IP address into postmap and post the >> output of that command here. For example, I block all Chinese IP space >> using ipdeny.com lists in a CIDR table. A sample test of my CIDR table: >> >> /etc/postfix/cidr_files$ postmap -q 58.99.128.128 cidr:countries >> REJECT Mail not accepted from China >> >> If you confirmed the IP is Chinese, and you have that Chinese network in >> your CIDR table, and the postmap test is successful, you know the table >> is working. If you get an error, post the error here. If the postmap >> test is successful and you still aren't rejecting connections from >> Chinese IP addresses then something else is wrong. One possible cause >> is a NAT router that rewrites the source address of the TCP packet. >> Your mail logs will tell you instantly if that is the case as all >> connections will be from the same IP address on the private side of the >> router. In that case a CIDR table is useless until you get a new router >> that does NAT correctly. >> >> Last, it would be helpful if you post a link to your CIDR table, or at >> least show 50 lines or so of its contents, so we can make sure you've >> created it correctly. It should look something like this: >> >> Hi, I've confirmed that the IP is from China, using www.ip2location.com. > My CIDR file is at www.bilgisayarciniz.org/sinokorea.cidr.txt > When I plugged the IP into postmap like you said, I got an error > postmap -q 60.190.223.61 sinokorea.cidr REJECT Mail not accepted from China > postmap: fatal: open database REJECT.db: No such file or directory. > Thanks for all the replies :) You should just do: postmap -q 60.190.223.61 cidr:sinokorea.cidr from within the directory the map file is located. Otherwise, you should include the full path to the file after the 'cidr:' part. The 'REJECT Mail not accepted from China' part of Stan's response was the response from his example postmap command. It wasn't something for you to type in. >> 58.14.0.0/15 REJECT Mail not accepted from China >> 58.16.0.0/13 REJECT Mail not accepted from China >> 58.24.0.0/15 REJECT Mail not accepted from China >> 58.30.0.0/15 REJECT Mail not accepted from China >> 58.32.0.0/11 REJECT Mail not accepted from China >> 58.66.0.0/15 REJECT Mail not accepted from China >> 58.68.128.0/17 REJECT Mail not accepted from China >> 58.82.0.0/15 REJECT Mail not accepted from China >> 58.87.64.0/18 REJECT Mail not accepted from China >> 58.99.128.0/17 REJECT Mail not accepted from China >> 58.100.0.0/15 REJECT Mail not accepted from China >> 58.116.0.0/14 REJECT Mail not accepted from China >> 58.128.0.0/13 REJECT Mail not accepted from China >> 58.144.0.0/16 REJECT Mail not accepted from China >> 58.154.0.0/15 REJECT Mail not accepted from China >> 58.192.0.0/11 REJECT Mail not accepted from China >> 58.240.0.0/12 REJECT Mail not accepted from China >> >> -- >> Stan >> -- If at first you don't succeed, so much for skydiving.
