On 07.08.17 23:19, Voytek wrote:
> Aug 6 22:12:48 emu postfix/smtpd[24963]: NOQUEUE: reject: RCPT
> from sydney.sge.net[152.91.65.147]: 554 5.7.1 Service
> unavailable; Client host [152.91.65.147] blocked using
> b.barracudacentral.org; Client host blocked using Barracuda
> Reputation, see
> http://www.barracudanetworks.com/reputation/?r=1&ip=152.91.65.147;
> from=<> to=<k...@dom.com.au> proto=ESMTP helo=<sydney.sge.net>

On Mon, Aug 07, 2017 at 06:52:05PM +0200,
  Matus UHLAR - fantomas wrote:
I think me and Dominic Rafedr have already explained all that's
needed:

1. your setup is good, just use the /etc/postfix/sender_checks

On 07.08.17 12:15, /dev/rob0 wrote:
1. The sender in the log line above is null sender, a bounce.  It's
probably a very bad idea to whitelist the null sender address
universally.

missed it, sorry :-) the rest of senders was not null though.

2. Whitelisting by commonly-forged sender addresses is generally
wrong.  Spammers are likely to use sender addresses you have seen.

I believe that this "whitelisting" is used only for avoid rejection at
SMTP-time, but the mail is scanned by content filter later.

In these cases it's quite safe to avoid blacklisting for known senders.
Expecially when someone does not use postscreen for scored blacklisting.

...this may apply for null sender too, although I agree whitelisting null
sender is bad idea.

2. put OK instead of DUNNO there - that will stop checking in
blacklists.

A safer lookup result is "permit_auth_destination".

luckily the reject_unauth_destination precedes all access checks in the OP's
configuration, so even OK would not cause troubles.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics are made up on the spot.

Reply via email to