On 30 Jan 2021, at 11:20, Phil Stracchino <ph...@caerllewys.net> wrote:
> On 12/18/20 8:38 AM, @lbutlr wrote:
>> I do this:
>>
>> /.*automators\.fm$/ DUNNO
>> /.*counter\.social/ DUNNO
>> /.*ometria.email/ DUNNO
>> /.*\.(com|net|org|edu|gov|ca|mx|de|dk|fi|fr|uk|us|tv|info|eu|es|il|it|nl|name|jp|host|au|nz|ch|tv)$/ DUNNO
>> /.*\.*$/ 550 Mail to or from this TLD is not allowed
>>
>> Fourth line passes all the "good" TLDs that I accept mail from, based on my
>> server's mail. The first three accept specific domains. The last tells
>> everyone else to go away, and why.
>
> Revisiting this ... where exactly do you apply this ruleset? I'm
> looking at implementing a rule to discard all four-letter-and-above TLDs
> except whitelisted ones, because I'm tired of playing whack-a-mole.
>
> Are you using header_checks rule, or something else?

I have a file named helo-checks.pcre which I call in main.cf in smtpd_helo_restrictions:

    smtpd_helo_restrictions =
        reject_invalid_helo_hostname
        check_helo_access pcre:$config_directory/helo_checks.pcre
        permit

You do need to stay on top of the list of TLDs you allow; for example, in the last month since that post I have added info. I still get a lot of spam attempts from shop and email, but there's enough not-spam that I had to add them as well.

My main reason for doing this is not spam blocking per se, as SpamAssassin will reject the mails; it is more about minimizing the amount of work SA does and the number of lookups I make against the RBLs.

-- 
Hard work pays off in the future. Laziness pays off now.
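
Added example, not part of the original message: a small offline check of the table quoted above, showing which action the first matching rule returns for a given HELO name before the table is put into service. It assumes Python's re module as a stand-in for PCRE (equivalent for these patterns); the HELO names are constructed samples and load_table/lookup are illustrative names.

```python
import re

# Rules as quoted in the thread (the wrapped DUNNO is rejoined to its pattern).
TABLE = r"""
/.*automators\.fm$/ DUNNO
/.*counter\.social/ DUNNO
/.*ometria.email/ DUNNO
/.*\.(com|net|org|edu|gov|ca|mx|de|dk|fi|fr|uk|us|tv|info|eu|es|il|it|nl|name|jp|host|au|nz|ch|tv)$/ DUNNO
/.*\.*$/ 550 Mail to or from this TLD is not allowed
"""

# '/pattern/flags action'; the pattern may contain backslash-escaped characters.
RULE = re.compile(r"^/(?P<pat>(?:\\.|[^/\\])*)/(?P<flags>[a-zA-Z]*)\s+(?P<action>.+)$")

def load_table(text):
    """Parse the table into (compiled pattern, action) pairs, in file order."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no rule
        m = RULE.match(line)
        if not m:
            raise ValueError(f"unparseable rule: {line!r}")
        # Postfix pcre tables are case-insensitive by default; 'i' toggles that off.
        flags = 0 if "i" in m["flags"] else re.IGNORECASE
        rules.append((re.compile(m["pat"], flags), m["action"]))
    return rules

def lookup(rules, helo_name):
    """Return the action of the first matching rule, or None if none matches."""
    for pattern, action in rules:
        if pattern.search(helo_name):
            return action
    return None

if __name__ == "__main__":
    rules = load_table(TABLE)
    # Constructed HELO names, not taken from the thread. The last one shows
    # that an unanchored entry matches any name containing the string.
    for name in ("mail.example.com", "MAIL.EXAMPLE.ORG", "relay.automators.fm",
                 "mx1.example.shop", "counter.social.example.xyz"):
        print(f"{name:28} -> {lookup(rules, name)}")
```

DUNNO means the lookup is treated as not found, so evaluation continues to the next restriction (here, permit). On a host with Postfix installed, postmap -q with the name and the pcre: table gives the same answer from Postfix itself.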