[Rack] Mail spam controls.

Jonathan Lassoff jof at thejof.com
Mon Apr 23 04:36:03 UTC 2012 

Every list admin is thanking you right about now.

Hopefully this cuts down on the moderation queue spam significantly.

--j

On Sun, Apr 22, 2012 at 11:55 AM, Ben Kochie <ben at nerp.net> wrote:
> Looks like it's working:
>
> Apr 22 06:49:19 m1 postfix/smtpd[12007]: NOQUEUE: reject: RCPT from
> 84-10-132-190.dynamic.chello.pl[84.10.132.190]: 554 5.7.1 Service
> unavailable; Client host [84.10.132.190] blocked using zen.spamhaus.org;
> http://www.spamhaus.org/query/bl?ip=84.10.132.190;
> from=<abdullahi at wjadserver.com> to=<rack at lists.noisebridge.net>
> proto=ESMTP helo=<84-10-132-190.dynamic.chello.pl>
>
> Apr 22 09:05:09 m1 postfix/smtpd[20716]: NOQUEUE: reject: RCPT from
> unknown[218.156.232.162]: 554 5.7.1 Service unavailable; Client host
> [218.156.232.162] blocked using zen.spamhaus.org;
> http://www.spamhaus.org/query/bl?ip=218.156.232.162;
> from=<dunningl9 at deltamar.net> to=<rack at lists.noisebridge.net> proto=ESMTP
> bhelo=<kdn.ktguide.com>
>
>
> -ben
>
> On Sat, 21 Apr 2012, Ben Kochie wrote:
>
>> I'm going to change the mail filter rules on noisebridge.net to better
>> control the inbound spam.
>>
>> From:
>> smtpd_recipient_restrictions =
>>   permit_mynetworks,
>>   reject_unauth_destination,
>>   check_sender_access hash:/etc/postfix/sender_access
>>
>> To:
>> smtpd_recipient_restrictions =
>>   permit_mynetworks,
>>   reject_unauth_destination,
>>   check_sender_access hash:/etc/postfix/sender_access,
>>   reject_invalid_hostname,
>>   reject_non_fqdn_sender,
>>   reject_non_fqdn_recipient,
>>   reject_unknown_sender_domain,
>>   reject_unknown_recipient_domain,
>>   reject_rbl_client zen.spamhaus.org,
>>   reject_rbl_client cbl.abuseat.org,
>>   reject_rbl_client dnsbl-1.uceprotect.net,
>>   permit
>>
>> The key two changes here are to reject mails with common RFC violations,
>> and then check 3 reliable blacklists.
>>
>> This should reduce the junk in our moderation queues.
>>
>> I'm also considering enabling greylist filtering.  But let's see how these
>> changes go.
>>
>> -ben
>> _______________________________________________
>> Rack mailing list
>> Rack at lists.noisebridge.net
>> https://www.noisebridge.net/mailman/listinfo/rack
>>
> _______________________________________________
> Rack mailing list
> Rack at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/rack

More information about the Rack mailing list