Re: How to reject bad hosts

2010-08-10 Thread Walter Pinto
I'll provide my config, but keep in mind, the entire process is based on a scoring system which will vary from setup to setup. It's highly likely you will have to tweak the scores based on your specific needs. Below is my config, you can view the default settings by typing 'policyd-weight defaults'

Re: How to reject bad hosts

2010-08-10 Thread Noel Jones
On 8/10/2010 1:00 PM, Walter Pinto wrote: Sure, what's the policy on this list for that? Attachment or just copy/paste? (either a text attachment or a copy/paste is fine.)

Re: How to reject bad hosts

2010-08-10 Thread Walter Pinto
Sure, what's the policy on this list for that? Attachment or just copy/paste?

RE: How to reject bad hosts

2010-08-10 Thread Mark Scholten
> -Original Message- > From: owner-postfix-us...@postfix.org [mailto:owner-postfix- > us...@postfix.org] On Behalf Of Walter Pinto > Sent: Tuesday, August 10, 2010 1:20 AM > To: postfix users > Subject: Re: How to reject bad hosts > > I also can vouch for policy

Re: How to reject bad hosts

2010-08-09 Thread Dennis Guhl
On Tue, Aug 10, 2010 at 01:10:22AM +0200, Nicolas Michel wrote: > On 08/09/2010 10:43 PM, Martin Schütte wrote: > >On 08/09/10 16:29, Nicolas Michel wrote: > >>I want to know if there is a way to reject connections from host not > >>listed in the MX records of the domain it claims to be. > > > >Try

Re: How to reject bad hosts

2010-08-09 Thread Walter Pinto
I also can vouch for policyd-weight , with a bit of configuration it can be a very useful tool. Combine it with the fail2ban postfix log wrapper and you're on the right track.

Re: How to reject bad hosts

2010-08-09 Thread Nicolas Michel
On 08/09/2010 10:43 PM, Martin Schütte wrote: On 08/09/10 16:29, Nicolas Michel wrote: I want to know if there is a way to reject connections from host not listed in the MX records of the domain it claims to be. Try http://www.policyd-weight.org/ It checks and compares the client IP, its HELO

Re: How to reject bad hosts

2010-08-09 Thread Martin Schütte
On 08/09/10 16:29, Nicolas Michel wrote: I want to know if there is a way to reject connections from host not listed in the MX records of the domain it claims to be. Try http://www.policyd-weight.org/ It checks and compares the client IP, its HELO, the from address. Among other attributes it a

Re: How to reject bad hosts

2010-08-09 Thread Walter Pinto
I stopped using the perl SPF implementation because it would spawn too many instances and not properly terminate the process when complete, after a while it would overload the server with MailScanner running alongside. I haven't tried the python version.

Re: How to reject bad hosts

2010-08-09 Thread Nicolas Michel
On 08/09/2010 06:34 PM, Stan Hoeppner wrote: Nicolas Michel put forth on 8/9/2010 9:29 AM: For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my domain (we'll call it mydomain.be) and claims that the sender is u...@otherdomain.com Example of forging, typical of spammers: Retu

Re: How to reject bad hosts

2010-08-09 Thread Stan Hoeppner
Nicolas Michel put forth on 8/9/2010 9:29 AM: > For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my > domain (we'll call it mydomain.be) and claims that the sender is > u...@otherdomain.com Example of forging, typical of spammers: Return-Path: X-Original-To: Delivered

Re: How to reject bad hosts

2010-08-09 Thread Noel Jones
On 8/9/2010 10:20 AM, Nicolas Michel wrote: On 08/09/2010 05:15 PM, Noel Jones wrote: On 8/9/2010 9:29 AM, Nicolas Michel wrote: Hello, I want to know if there is a way to reject connections from host not listed in the MX records of the domain it claims to be. For example : a host with IP WWW

Re: How to reject bad hosts

2010-08-09 Thread Egberto Monteiro
Easy to configure, but have not to be used to DROP mails. Em 08/09/2010 12:20 PM, Nicolas Michel escreveu: On 08/09/2010 05:15 PM, Noel Jones wrote: On 8/9/2010 9:29 AM, Nicolas Michel wrote: Hello, I want to know if there is a way to reject connections from host not listed in the MX records

Re: How to reject bad hosts

2010-08-09 Thread Nicolas Michel
On 08/09/2010 05:15 PM, Noel Jones wrote: On 8/9/2010 9:29 AM, Nicolas Michel wrote: Hello, I want to know if there is a way to reject connections from host not listed in the MX records of the domain it claims to be. For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my domain

Re: How to reject bad hosts

2010-08-09 Thread Noel Jones
On 8/9/2010 9:29 AM, Nicolas Michel wrote: Hello, I want to know if there is a way to reject connections from host not listed in the MX records of the domain it claims to be. For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my domain (we'll call it mydomain.be) and claims that

Re: How to reject bad hosts

2010-08-09 Thread Erwan David
On Mon, Aug 09, 2010 at 04:29:21PM CEST, Nicolas Michel said: > Hello, > > I want to know if there is a way to reject connections from host not > listed in the MX records of the domain it claims to be. > > For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my > domain (we'll cal

Re: How to reject bad hosts

2010-08-09 Thread Martijn de Munnik (Postfix)
On Mon, 09 Aug 2010 16:29:21 +0200, Nicolas Michel wrote: > Hello, > > I want to know if there is a way to reject connections from host not > listed in the MX records of the domain it claims to be. > > For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my > domain (we'll call i

How to reject bad hosts

2010-08-09 Thread Nicolas Michel
Hello, I want to know if there is a way to reject connections from host not listed in the MX records of the domain it claims to be. For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my domain (we'll call it mydomain.be) and claims that the sender is u...@otherdomain.com If