same applies for Namecheap.
Whatever... it's offtopic on this list.
(why do I even reply to this? <blush>)
for generic antispam blabber I'd recommend
SDLU: http://new-spam-l.com/admin/faq.html /
https://spammers.dontlike.us/mailman/listinfo/list
and Mailop: http://chilli.nosignal.org/mailman/listinfo/mailop
On 09/10/2015 11:10 AM, Reindl Harald wrote:
Am 10.09.2015 um 10:59 schrieb Axb:
On 09/10/2015 10:47 AM, Reindl Harald wrote:
has anybody ever seen legit mail from domains there?
Yes, sadly ENOM is a huge cesspool but it also has a ton of legit
registered domains on thse NS.
i am not sure about that, looks like "name-services.com" is the DNS for
"registrar-servers.com" and there is maybe a distinction between legit
and spam domains
Tech Name: NAMECHEAP.COM NAMECHEAP.COM
Tech Organization: NAMECHEAP, INC
Tech Street: 11400 W. OLYMPIC BLVD. SUITE 200
Tech City: LOS ANGELES
Tech State/Province: CA
Tech Postal Code: 90064
Tech Country: US
Tech Phone: +1.6613102107
Tech Phone Ext:
Tech Fax: +1.6613102107
Tech Fax Ext:
Tech Email: supp...@namecheap.com
Name Server: DNS1.NAME-SERVICES.COM
Name Server: DNS2.NAME-SERVICES.COM
Name Server: DNS3.NAME-SERVICES.COM
Name Server: DNS4.NAME-SERVICES.COM
Name Server: DNS5.NAME-SERVICES.COM
for me it looks like only spammers register every day a new domain
with that whois from
Panama to bypass sender/uri-blacklists
yep.. very much so
http://www.dailychanges.com/registrar-servers.com/
Sep 10 09:53:10 panel: spamfilter: Sender-Backlist
"heute*-*abend*-*date*.*info" added
Sep 10 09:55:31 panel: spamfilter: Sender-Backlist
"facegook*-*nachrichtenzentrale*.*com" added
i am really tempted to add the nameservers to
check_sender_ns_access hash:/etc/postfix/blacklist_ns.cf
I wouldn't unless you can afford to deal with the FPs
i give it a try with a safety net before
smtpd_recipient_restrictions =
reject_unlisted_recipient
reject_unauth_destination
reject_non_fqdn_recipient
reject_non_fqdn_sender
check_recipient_access proxy:hash:/etc/postfix/whitelist_rcpt.cf
reject_non_fqdn_helo_hostname
reject_invalid_helo_hostname
check_helo_access proxy:pcre:/etc/postfix/blacklist_helo_unconditional.cf
check_recipient_access proxy:hash:/etc/postfix/blacklist_rcpt.cf
check_sender_access proxy:hash:/etc/postfix/whitelist_sender.cf
check_sender_access proxy:hash:/etc/postfix/blacklist_sender.cf
permit_dnswl_client dnswl-aggregate.example.com=127.0.0.[2;3]
check_sender_access proxy:hash:/etc/postfix/spoofing_protection.cf
permit_dnswl_client dnswl-aggregate.example.com=127.0.0.4
check_sender_access proxy:pcre:/etc/postfix/blacklist_sender_regex.cf
reject_unknown_sender_domain
check_recipient_access proxy:hash:/etc/postfix/skip_spf_check.cf
permit_dnswl_client dnswl-aggregate.example.com=127.0.0.5
permit_dnswl_client wl.mailspike.net=127.0.0.[19;20]
permit_dnswl_client list.dnswl.org=127.0.[0..255].[2;3]
check_sender_ns_access proxy:hash:/etc/postfix/blacklist_ns.cf
check_policy_service unix:private/spf-policy
__________________________________________________
cat /etc/postfix/blacklist_ns.cf:
ns1.sedoparking.com REJECT Domain is parked at sedo.com
ns2.sedoparking.com REJECT Domain is parked at sedo.com
ns1.fastpark.net REJECT Domain is parked at namedrive.com
ns2.fastpark.net REJECT Domain is parked at namedrive.com
a.ns.ultsearch.com REJECT Domain is parked at a.ns.ultsearch.com
b.ns.ultsearch.com REJECT Domain is parked at b.ns.ultsearch.com
buy.internettraffic.com REJECT Domain is parked at
buy.internettraffic.com
sell.internettraffic.com REJECT Domain is parked at
sell.internettraffic.com
dns1.registrar-servers.com REJECT Sender-Domain is registered at
WhoisGuard Panama / Namecheap Inc
dns2.registrar-servers.com REJECT Sender-Domain is registered at
WhoisGuard Panama / Namecheap Inc
dns3.registrar-servers.com REJECT Sender-Domain is registered at
WhoisGuard Panama / Namecheap Inc
dns4.registrar-servers.com REJECT Sender-Domain is registered at
WhoisGuard Panama / Namecheap Inc
dns5.registrar-servers.com REJECT Sender-Domain is registered at
WhoisGuard Panama / Namecheap Inc
______________________________________
Tech Name:WhoisGuard Protected
Tech Organization:WhoisGuard, Inc.
Tech Street: P.O. Box 0823-03411
Tech City:Panama
Tech State/Province:Panama
Tech Postal Code:00000
Tech Country:PA
Tech Phone:+507.8365503
Tech Phone Ext:
Tech Fax: +51.17057182
Tech Fax Ext:
Tech Email:1f6d4281c79c4f1599b2806c8e628ce2.prot...@whoisguard.com
Name Server:DNS1.REGISTRAR-SERVERS.COM
Name Server:DNS2.REGISTRAR-SERVERS.COM
Name Server:DNS3.REGISTRAR-SERVERS.COM
Name Server:DNS4.REGISTRAR-SERVERS.COM
Name Server:DNS5.REGISTRAR-SERVERS.COM
