Am 16.09.2014 um 23:24 schrieb AndreaML:
> Is it also your experience? Has reject_unknown_hostname less and less use in
> favour of other anti-spam methods?
>
> because in a server with 5000 mailbox and 80k-100k messages a day, that
> setting free me of 20k-30k spam messages easily, but catch these large
> institutions.
>
> i am just a bit confused. what is your experience on this?
that still too much mail admins sadly don't care about 3 things
* A record
* PTR
* HELO name
and instead "reject_unknown_hostname" you need for a sane sleep
specific rules to at least reject insane HELO :-(
smtpd_helo_restrictions =
permit_mynetworks
permit_sasl_authenticated
check_sender_access /etc/postfix/whitelist_sender.cf
check_helo_access regexp:/etc/postfix/blacklist_helo.cf
reject_non_fqdn_helo_hostname
reject_invalid_helo_hostname
_____________________________________________________________________________
/etc/postfix/blacklist_helo.cf:
/.*\.91\.118\.73\..*/
REJECT Unacceptable HELO
/^91\.118\.73\..*/
REJECT Unacceptable HELO
/^\[10\.0\..*/
REJECT Unacceptable HELO
/^10\.0\..*/
REJECT Unacceptable HELO
/^\[192\.168\..*/
REJECT Unacceptable HELO
/^192\.168\..*/
REJECT Unacceptable HELO
/.*\.administrator$/
REJECT Unacceptable HELO
/.*\.admin$/
REJECT Unacceptable HELO
/.*\.arpa$/
REJECT Unacceptable HELO
/.*\.dhcp$/
REJECT Unacceptable HELO
/.*\.dns$/
REJECT Unacceptable HELO
/.*\.dynamic$/
REJECT Unacceptable HELO
/.*\.dyn$/
REJECT Unacceptable HELO
/.*\.dyndns\.org$/
REJECT Unacceptable HELO
/.*\.gateway$/
REJECT Unacceptable HELO
/.*\.home$/
REJECT Unacceptable HELO
/.*\.internal$/
REJECT Unacceptable HELO
/.*\.intern$/
REJECT Unacceptable HELO
/.*\.lan$/
REJECT Unacceptable HELO
/.*\.localdomain$/
REJECT Unacceptable HELO
/.*\.localhost$/
REJECT Unacceptable HELO
/.*\.local$/
REJECT Unacceptable HELO
/.*\.lokal$/
REJECT Unacceptable HELO
/.*\.nat$/
REJECT Unacceptable HELO
/.*\.netzwerk$/
REJECT Unacceptable HELO
/.*\.pc$/
REJECT Unacceptable HELO
/.*\.privat$/
REJECT Unacceptable HELO
/.*\.private$/
REJECT Unacceptable HELO
/.*\.router$/
REJECT Unacceptable HELO
/^[0-9]{1,3}\-[0-9]{1,3}\-[0-9]{1,3}\-[0-9]{1,3}.*\.highway\.telekom\.at$/
REJECT Unacceptable HELO
/^[0-9]{1,3}\-[0-9]{1,3}\-[0-9]{1,3}\-[0-9]{1,3}\.dynamic\.surfer\.at$/
REJECT Unacceptable HELO
/^chello.*\.dynamic\.surfer\.at$/
REJECT Unacceptable HELO
/^chello.*\.graz\.surfer\.at$/
REJECT Unacceptable HELO
/^chello.*\.klafu\.surfer\.at$/
REJECT Unacceptable HELO
/^chello.*\.tirol\.surfer\.at$/
REJECT Unacceptable HELO
/^chello.*\.vie\.surfer\.at$/
REJECT Unacceptable HELO
/^chello.*\.wrn\.surfer\.at$/
REJECT Unacceptable HELO
/.*\.hinet\-ip\.hinet\.net$/
REJECT Unacceptable HELO
/.*\.dynamic\.hinet\.net$/
REJECT Unacceptable HELO
/.*\.dynamic\-ip\.hinet\.net$/
REJECT Unacceptable HELO
/.*\.dynamic\.jazztel\.es$/
REJECT Unacceptable HELO
/.*spamexperts\.com$/
REJECT Unacceptable HELO
_____________________________________________________________________________
