Marc skrev den 2023-09-15 23:57:
>Marc skrev den 2023-09-15 17:01:
>>Anyone have any experience with a dns blacklist specific to known smtp
>>auth abuse?
On 15.09.23 17:51, Benny Pedersen wrote:
>spamrats ?
>
>https://www.spamrats.com/
I have bad experiente with spam rats and thus wouldn't recommend using
them.
YMMV of course.
You could be right about this. When I compare the last 413 failed smtp
auths, none are listed in auth.spamrats.com. While bl.spamcop.net
lists 230 at 127.0.0.2, while zen.spamhaus.org gets 371 at
127.0.0.4/127.0.0.3/127.0.0.11. I just have to check which of them is
not a list that lists any 'dynamic' ip by default.
submission inet n - y - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_delay_reject=no
-o { smtpd_client_restrictions = reject_rbl_client
auth.spamrats.com=127.0.0.43, permit }
-o { smtpd_relay_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject }
i find dokumention good, dqs can be added here aswell, but i am unsure
if it will expose my dqs key, for me i dont like to use y (chroot), note
all details in this, just not auth.spamrats.com plus return code hardend
please be carefull, and ask
