Loading ...
Sorry, an error occurred while loading the content.

Re: Running A Mail Server

Expand Messages
  • mouss
    ... zen is considered safe by most people, and is widely used. but you can whitelist servers you communicate with. I use check_client_access .../client_acl
    Message 1 of 10 , Sep 24, 2008
    • 0 Attachment
      Neil wrote:
      > On 21 Sep 2008, at 05:39, mouss wrote:
      >>
      >>> My current config is:
      >>> smtpd_recipient_restrictions = permit_mynetworks,
      >>> permit_sasl_authenticated, reject_unauth_destination
      >>
      >> you can at leats add (after reject_unauth_destination)
      >> # reject unknown addresses before querying dnsbls
      >> reject_unlisted_recipient
      >> reject_unlisted_sender
      >> # zen catches a lot of junk sources
      >> reject_rbl_client zen.spamhaus.org
      >>
      >
      > So I took your advice and am using these; but it occurred to me: shit
      > happens,

      zen is considered safe by most people, and is widely used. but you can
      whitelist servers you communicate with. I use

      check_client_access .../client_acl
      check_client_access cidr:/..../dnwsl_permit

      where client_acl contains whitelist and blocklist checks, and
      dnswl_permit is rsync-ed from dnswl.org.


      > and it might be nice to have these mails come through, but put
      > them in my junkmail folder.

      then use spamassassin or use policyd-weight (or write a policy service
      that does dnsbl check and returns a PREPEND action).

      >
      > I can move them in easily enough with procmail, if they get a header
      > added. My question is, naturally, how can I add a header on these
      > conditions instead of rejecting them?
      >

      you can't. you can however test the check by using
      warn_if_reject reject_rbl_client zen.spamhaus.org
      This will log warnings instead of rejecting the connections.
    Your message has been successfully submitted and would be delivered to recipients shortly.