- On 3/23/2013 9:31 AM, Benny Pedersen wrote:
> Ejaz skrev den 2013-03-23 11:49:This may help some if the clients are spambots, which they likely are.
>> How do I configure my postfix not to accept the emails which sent on
>> invalid address?, since morning we have been noticed that there huge
>> spam dictionary attack on our server, all originated emails are from
>> random IPs and random from address to the invalid recipient.
> pretty common, just make sure not to use catch-all in postfix, then logs
> and count what ips abuse most or is not have there own rir listning
> (dynamic ips should be smtp auth only)
>> Thanks in advance for you kind help in regards to the control such
>> spam emails.
> are you missing http://www.hardwarefreak.com/fqrdns.pcre ? :)
It won't reject connections any quicker than reject_unlisted_recipient,
but it won't tell the attacker what addresses aren't valid either,
making a dictionary attack more difficult.
But for this scenario postscreen would be better all around as it
prevents the spambots from tying up multiple smtpd processes and
potentially slowing down mail delivery.
- On 2013-03-27 23:11, Matthew Hall wrote:
> I ran into a bit of an issue trying out fqrdns.pcre as recommendedadd permit_sasl_authenticated before fqrdns.pcre testing
> here in this thread. The header in the file recommended adding it
> smtpd_client_restrictions. However if I place it there, I end up
> rejecting mail even from SASL authenticated client devices, if they
> also match a rule in fqrdns.pcre.
senders that put my email into body content will deliver it to my own
trashcan, so if you like to get reply, dont do it