Hello,
I received (yet another) SPAM/UCE from an address without MX record.
Although it is not mandatory for a sender to have an MX record,
this RFC loophole is exploited by spammers. Further, I do not want to
receive mail from someone I cannot reply to.
Before writing a milter, I would need to know whether postfix has a
relevant filter of its own.
This is the spamming host:
> unbound-host -rvD 78-134-2-123.v4.ngi.it
78-134-2-123.v4.ngi.it has address 78.134.2.123 (insecure)
78-134-2-123.v4.ngi.it has no IPv6 address (insecure)
78-134-2-123.v4.ngi.it has no mail handler record (insecure)
This is Postfix:
# postfix/port-25/smtpd[35013]: connect from 78-134-2-123.v4.ngi.it[78.134.2.123]:3431
...
# postfix/port-25/smtpd[35013]: generic_checks: name=reject_unauth_pipelining status=0
# postfix/port-25/smtpd[35013]: generic_checks: name=reject_unknown_client_hostname status=0
# postfix/port-25/smtpd[35013]: generic_checks: name=check_client_access status=0
# postfix/port-25/smtpd[35013]: generic_checks: name=check_reverse_client_hostname_access status=0
# postfix/port-25/smtpd[35013]: >>> END Client host RESTRICTIONS <<<
...
This is the relevant part of main.cf:
smtpd_client_restrictions =
    sleep 1, reject_unauth_pipelining
    reject_unknown_client_hostname
    check_client_access pcre:$meta_directory/fqdns.pcre
    check_reverse_client_hostname_access pcre:$meta_directory/fqrdns.pcre
This is the relevant part of master.cf:
smtp inet n - - - - smtpd
    -v
    -o syslog_name=postfix/port-25
    -o smtpd_tls_security_level=may
    -o smtpd_sasl_auth_enable=no
    -o smtpd_delay_reject=no
    -o smtpd_milters=${spf_milter},${dkim_milter},${dmarc_milter}
    -o cleanup_service_name=pre-cleanup
Postscreen is currently disabled.
Thank you for your comments.
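
Added example, not part of the original post and not Postfix's own code: the "no MX record" test written as the decision logic of a Postfix policy-delegation service (check_policy_service) instead of a milter. It assumes the check is applied to the envelope sender domain (the `sender` attribute); the function names, the injected `mx_lookup` resolver and the sample data are constructed for illustration.

```python
# Decision logic for a Postfix policy-delegation service (added example).
# The MX lookup is injected so the code runs offline; a real service would
# plug in a DNS resolver here (assumption, not shown).

def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break
        name, sep, value = line.partition("=")
        if sep:
            attrs[name] = value
    return attrs

def sender_domain(attrs):
    """Lower-cased envelope sender domain, or None for the null sender."""
    sender = attrs.get("sender", "")
    if "@" not in sender:
        return None  # bounces arrive with an empty sender; never reject them here
    return sender.rsplit("@", 1)[1].rstrip(".").lower() or None

def decide(attrs, mx_lookup):
    """mx_lookup(domain) -> list of MX targets; raises LookupError on DNS failure."""
    domain = sender_domain(attrs)
    if domain is None:
        return "DUNNO"
    try:
        mx_hosts = mx_lookup(domain)
    except LookupError:
        # Do not turn a resolver outage into a permanent rejection.
        return "DEFER_IF_PERMIT Temporary failure resolving MX for sender domain"
    # A lone "." target is the RFC 7505 null MX: the domain accepts no mail.
    if not [h for h in mx_hosts if h.rstrip(".")]:
        return "REJECT Sender domain %s has no MX record" % domain
    return "DUNNO"

def respond(request_text, mx_lookup):
    """Build the reply Postfix expects: an action line plus an empty line."""
    return "action=%s\n\n" % decide(parse_request(request_text), mx_lookup)

# Constructed sample data (not taken from the logs in the post).
SAMPLE_MX = {"example.org": ["mail.example.org."], "nomail.example": ["."]}

def sample_lookup(domain):
    if domain == "broken.example":
        raise LookupError("SERVFAIL")
    return SAMPLE_MX.get(domain, [])

SAMPLE_REQUEST = ("request=smtpd_access_policy\nprotocol_state=RCPT\n"
                  "client_address=192.0.2.10\nsender=user@a.example.net\n\n")
```

DUNNO hands the decision to the next restriction in the list, so this check only ever adds a rejection and never whitelists a sender.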