Loading ...
Sorry, an error occurred while loading the content.

Re: dictionary-attack

Expand Messages
  • Matthew Hall
    Hello, I ran into a bit of an issue trying out fqrdns.pcre as recommended here in this thread. The header in the file recommended adding it into
    Message 1 of 48 , Mar 27, 2013
    • 0 Attachment
      Hello,

      I ran into a bit of an issue trying out fqrdns.pcre as recommended
      here in this thread. The header in the file recommended adding it into
      smtpd_client_restrictions. However if I place it there, I end up
      rejecting mail even from SASL authenticated client devices, if they
      also match a rule in fqrdns.pcre.

      Is it acceptable to put it into smtpd_relay_restrictions instead? I am
      worried if I do this, it would not be able to prevent these bad hosts
      from sending mail directly to my domain (non-relay), which kind of
      defeats the purpose of using it for botnet protection.

      I have some dynamic clients, and I don't know what subnet they'll be
      on since they're mobile devices with an IP from the mobile provider,
      so whitelisting isn't going to work very well if they roam somewhere
      surprising, like a different unexpected provider.

      Thanks,
      Matthew.
    • Benny Pedersen
      ... add permit_sasl_authenticated before fqrdns.pcre testing -- senders that put my email into body content will deliver it to my own trashcan, so if you like
      Message 48 of 48 , Apr 7 12:40 AM
      • 0 Attachment
        On 2013-03-27 23:11, Matthew Hall wrote:

        > I ran into a bit of an issue trying out fqrdns.pcre as recommended
        > here in this thread. The header in the file recommended adding it
        > into
        > smtpd_client_restrictions. However if I place it there, I end up
        > rejecting mail even from SASL authenticated client devices, if they
        > also match a rule in fqrdns.pcre.

        add permit_sasl_authenticated before fqrdns.pcre testing

        --
        senders that put my email into body content will deliver it to my own
        trashcan, so if you like to get reply, dont do it
      Your message has been successfully submitted and would be delivered to recipients shortly.