
client_access maps for smtpd_recipient_restrictions

  • Romero, Randy
    Message 1 of 2 , Jul 1, 2008

      Sorry to be a bother, but trying to figure out why my “client_access” rules don’t appear to be working. For the most part I am rejecting a lot of spam, but still some is coming through, but accurately being flagged by my mail program filters. Maybe it’s short-sighted, but I would like to be able to block all non-US TLDs. I have read various how-tos, but am curious as to why some emails are still slipping by if I’m blocking TLDs such as .cn or .it? I’m not even sure if what I am looking to do is possible. Much thanks in advance.

       

       

      Randy Romero

      Postfix version 2.4.6

      snippet of main.cf

      smtpd_recipient_restrictions =
              permit_mynetworks,
              permit_sasl_authenticated,
              reject_unauth_destination,
              reject_invalid_hostname,
              reject_unauth_pipelining,
              reject_non_fqdn_sender,
              reject_unknown_sender_domain,
              reject_non_fqdn_recipient,
              reject_unknown_recipient_domain,
              check_client_access dbm:/etc/opt/csw/postfix/maps/client_access,
              check_helo_access dbm:/etc/opt/csw/postfix/maps/helo_access,
              check_sender_access dbm:/etc/opt/csw/postfix/maps/sender_access,
              check_recipient_access dbm:/etc/opt/csw/postfix/maps/recipient_access,
              reject_rhsbl_client blackhole.securitysage.com,
              reject_rhsbl_sender blackhole.securitysage.com,
              reject_rbl_client blackholes.easynet.nl,
              reject_rbl_client cbl.abuseat.org,
              reject_rbl_client proxies.blackholes.wirehub.net,
              reject_rbl_client bl.spamcop.net,
              reject_rbl_client sbl.spamhaus.org,
              reject_rbl_client opm.blitzed.org,
              reject_rbl_client dnsbl.njabl.org,
              reject_rbl_client list.dsbl.org,
              reject_rbl_client multihop.dsbl.org,
              permit

      snippet of client_access file:

      83.33.170.157    reject
      .am      554 No Soup For You
      .an      554 No Soup For You
      .ao      554 No Soup For You
      .it      554 No Soup For You

       

       

      snippet of header of email getting by:

      Return-Path: <cuchumat_1969@...>
      X-Original-To: me@...
      Delivered-To: me@...
      Received: from localhost (localhost [127.0.0.1])
              by mail.mydomain.com (Postfix) with ESMTP id CA518AC27
              for <me@...>; Tue,  1 Jul 2008 07:47:38 -0400 (EDT)
      X-Quarantine-ID: <EZ4UoIAQoU8J>
      X-Virus-Scanned: amavisd-new at mydomain.com
      X-Spam-Flag: YES
      X-Spam-Score: 11.422
      X-Spam-Level: ***********
      X-Spam-Status: Yes, score=11.422 tagged_above=2 required=6.31
              tests=[URIBL_AB_SURBL=1.613, URIBL_BLACK=1.961, URIBL_JP_SURBL=2.857,
              URIBL_SBL=2.468, URIBL_SC_SURBL=2.523]
      Received: from mail.4way.us ([127.0.0.1])
              by localhost (mail.4way.us [127.0.0.1]) (amavisd-new, port 10024)
              with ESMTP id EZ4UoIAQoU8J for <me@...>;
              Tue,  1 Jul 2008 07:47:33 -0400 (EDT)
      Received: from host210-100-static.49-88-b.business.telecomitalia.it (host210-100-static.49-88-b.business.telecomitalia.it [88.49.100.210])
              by mail.4way.us (Postfix) with ESMTP id AFD7EAC21
              for <me@...>; Tue,  1 Jul 2008 07:47:26 -0400 (EDT)
      To: me@...
      Subject: ***SPAM*** Oil prices to soar
      From:   nihat <cuchumat_1969@...>
      Content-Type: text/plain; format=flowed; delsp=yes; charset=koi8-r
      MIME-Version: 1.0
      Content-Transfer-Encoding: 7bit
      Date:   Tue, 1 Jul 2008 13:47:32 +0200
      Message-ID: <lr.jymagfrqwejoca@Giorgio>
      User-Agent: Opera Mail/9.50 (Win32)

      Get bigger faster no problems with just these wonder pills
      http://www.sizesuper.com/

      end

       



      CONFIDENTIALITY NOTICE: This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. If you are not the intended recipient of this e-mail, please notify the sender immediately by return e-mail, purge it and do not disseminate or copy it.
    • mouss
      Message 2 of 2 , Jul 1, 2008
        Romero, Randy wrote:
        > Sorry to be a bother, but trying to figure out why my "client_access" rules don't appear to be working. For the most part I am rejecting a lot of spam, but still some is coming through, but accurately being flagged by my mail program filters. Maybe it's short sighted, but I would like to be able to block all non US TLD's.

        This is a bit aggressive, but your server, your rules... There are safer
        ways to fight spam...
        > I have read various how_tos, but am curious as to why some emails are still slipping by if I'm blocking TLD's such as .cn or .it? I'm not even sure if what I am looking to do is possible. Much thanks in advance.
        >
        >
        > Randy Romero
        >
        >
        > Postfix version 2.4.6
        >
        > snippet of main.cf
        >
        > smtpd_recipient_restrictions =
        > permit_mynetworks,
        > permit_sasl_authenticated,
        > reject_unauth_destination,
        > reject_invalid_hostname,
        > reject_unauth_pipelining,
        > reject_non_fqdn_sender,
        > reject_unknown_sender_domain,
        > reject_non_fqdn_recipient,
        > reject_unknown_recipient_domain,
        > check_client_access dbm:/etc/opt/csw/postfix/maps/client_access,
        > check_helo_access dbm:/etc/opt/csw/postfix/maps/helo_access,
        > check_sender_access dbm:/etc/opt/csw/postfix/maps/sender_access,
        > check_recipient_access dbm:/etc/opt/csw/postfix/maps/recipient_access,
        > reject_rhsbl_client blackhole.securitysage.com,
        > reject_rhsbl_sender blackhole.securitysage.com,
        > reject_rbl_client blackholes.easynet.nl,
        > reject_rbl_client cbl.abuseat.org,
        > reject_rbl_client proxies.blackholes.wirehub.net,
        > reject_rbl_client bl.spamcop.net,
        > reject_rbl_client sbl.spamhaus.org,
        > reject_rbl_client opm.blitzed.org,
        > reject_rbl_client dnsbl.njabl.org,
        > reject_rbl_client list.dsbl.org,
        > reject_rbl_client multihop.dsbl.org,
        > permit
        >
        >


        1- Please show the output of 'postconf -n' instead of main.cf snippets

        2- please take the time to check that the DNSBLs you are querying are
        still active.
        http://spamlinks.net/filter-dnsbl-dead.htm

        3- consider using zen.spamhaus.org. it is more effective and safer than
        your "block non us tld" strategy.


        > snippet of client_access file:
        > 83.33.170.157 reject
        > .am 554 No Soup For You
        > .an 554 No Soup For You
        > .ao 554 No Soup For You
        > .it 554 No Soup For You
        >
        >

        without 'postconf -n' output, we cannot tell if this is ever used.

        > snippet of header of email getting by:
        >

        please show the logs instead of messages.
        > Return-Path: <cuchumat_1969@...>
        > X-Original-To: me@...
        > Delivered-To: me@...
        > Received: from localhost (localhost [127.0.0.1])
        > by mail.mydomain.com (Postfix) with ESMTP id CA518AC27
        > for <me@...>; Tue, 1 Jul 2008 07:47:38 -0400 (EDT)
        > X-Quarantine-ID: <EZ4UoIAQoU8J>
        > X-Virus-Scanned: amavisd-new at mydomain.com
        > X-Spam-Flag: YES
        > X-Spam-Score: 11.422
        > X-Spam-Level: ***********
        > X-Spam-Status: Yes, score=11.422 tagged_above=2 required=6.31
        > tests=[URIBL_AB_SURBL=1.613, URIBL_BLACK=1.961, URIBL_JP_SURBL=2.857,
        > URIBL_SBL=2.468, URIBL_SC_SURBL=2.523]
        > Received: from mail.4way.us ([127.0.0.1])
        > by localhost (mail.4way.us [127.0.0.1]) (amavisd-new, port 10024)
        > with ESMTP id EZ4UoIAQoU8J for <me@...>;
        > Tue, 1 Jul 2008 07:47:33 -0400 (EDT)
        > Received: from host210-100-static.49-88-b.business.telecomitalia.it (host210-100-static.49-88-b.business.telecomitalia.it [88.49.100.210])
        > by mail.4way.us (Postfix) with ESMTP id AFD7EAC21
        > for <me@...>; Tue, 1 Jul 2008 07:47:26 -0400 (EDT)
        > To: me@...
        > Subject: ***SPAM*** Oil prices to soar
        > From: nihat <cuchumat_1969@...>
        > Content-Type: text/plain; format=flowed; delsp=yes; charset=koi8-r
        > MIME-Version: 1.0
        > Content-Transfer-Encoding: 7bit
        > Date: Tue, 1 Jul 2008 13:47:32 +0200
        > Message-ID: <lr.jymagfrqwejoca@Giorgio>
        > User-Agent: Opera Mail/9.50 (Win32)
        >
        > Get bigger faster no problems with just these wonder pills
        > http://www.sizesuper.com/
        >
        >
        >
        > end
        >
        >
        > ________________________________
        > CONFIDENTIALITY NOTICE: This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. If you are not the intended recipient of this e-mail, please notify the sender immediately by return e-mail, purge it and do not disseminate or copy it.
        >
        >
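
Added example, not part of either message and not Postfix source: a simplified Python model of the access(5) lookup keys that check_client_access tries, run against the client_access entries and the client in the outermost Received header above. The function names are hypothetical; it assumes smtpd_access_maps is listed in parent_domain_matches_subdomains (the stock default, which the thread cannot confirm without 'postconf -n'), in which case parent domains are looked up without a leading dot and a ".it" key is never queried.

```python
# Added illustration: a simplified model of Postfix access(5) key lookup for
# check_client_access. Function names are hypothetical, not Postfix source.

def domain_keys(hostname, parent_style):
    """Lookup keys tried for a client hostname, most specific first."""
    name = hostname.lower().rstrip(".")
    keys = [name]                         # the full name is always tried first
    while "." in name[1:]:
        cut = name.index(".", 1)
        # parent style: drop label and dot   (x.example.it -> example.it -> it)
        # dot style: keep the leading dot    (x.example.it -> .example.it -> .it)
        name = name[cut + 1:] if parent_style else name[cut:]
        keys.append(name)
    return keys

def addr_keys(ip):
    """IPv4 address, then networks made by dropping trailing octets."""
    octets = ip.split(".")
    return [".".join(octets[:n]) for n in range(len(octets), 0, -1)]

def check_client_access(table, hostname, ip, parent_style=True):
    """Return (matching key, action), or (None, None) when nothing matches.

    parent_style=True models smtpd_access_maps being listed in
    parent_domain_matches_subdomains (assumed here; the stock default).
    """
    for key in domain_keys(hostname, parent_style) + addr_keys(ip):
        if key in table:
            return key, table[key]
    return None, None

# Entries from the client_access snippet in the thread.
PAGE_TABLE = {
    "83.33.170.157": "reject",
    ".am": "554 No Soup For You",
    ".an": "554 No Soup For You",
    ".ao": "554 No Soup For You",
    ".it": "554 No Soup For You",
}
# The same policy with bare TLD keys (constructed for comparison).
BARE_TABLE = {k.lstrip("."): v for k, v in PAGE_TABLE.items()}

# Client name and address from the outermost Received header in the thread.
HOST = "host210-100-static.49-88-b.business.telecomitalia.it"
IP = "88.49.100.210"

if __name__ == "__main__":
    for label, table, style in (("dotted keys, parent style", PAGE_TABLE, True),
                                ("dotted keys, dot style", PAGE_TABLE, False),
                                ("bare keys, parent style", BARE_TABLE, True)):
        print(label, "->", check_client_access(table, HOST, IP, style))
```

The hostname Postfix looks up is the verified client name; when reverse DNS does not verify, the name is "unknown" and only the address keys can match, so a TLD entry does nothing for such clients.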