[Rack] Mail spam controls.

Ben Kochie ben at nerp.net
Mon Apr 23 13:06:21 PDT 2012


I blame adi.

Apr 22 20:36:19 m1 postfix/postalias[13350]: warning: /etc/postfix/sender_access, line 1: need name:value pair
Apr 22 20:36:19 m1 postfix/postalias[13350]: warning: /etc/postfix/sender_access, line 2: need name:value pair
...
Apr 22 20:41:55 m1 postfix/smtpd[13759]: fatal: open database /etc/postfix/sender_access.db: No such file or directory
Apr 22 20:41:56 m1 postfix/master[5827]: warning: process /usr/lib/postfix/smtpd pid 13759 exit status 1

Last:
adi      pts/0        64.206.95.115    Sun Apr 22 19:27 - 22:37  (03:10)


-ben

On Mon, 23 Apr 2012, Ben Kochie wrote:

> It looks like someone broke postfix:
> Apr 23 08:08:55 m1 postfix/smtpd[1775]: fatal: open database 
> /etc/postfix/sender_access.db: No such file or directory
> Apr 23 08:08:56 m1 postfix/master[5827]: warning: process 
> /usr/lib/postfix/smtpd pid 1775 exit status 1
>
> Fixed with postmap hash:sender_access
>
>
> -ben
>
> On Sun, 22 Apr 2012, Jonathan Lassoff wrote:
>
>> Every list admin is thanking you right about now.
>> 
>> Hopefully this cuts down on the moderation queue spam significantly.
>> 
>> --j
>> 
>> On Sun, Apr 22, 2012 at 11:55 AM, Ben Kochie <ben at nerp.net> wrote:
>>> Looks like it's working:
>>> 
>>> Apr 22 06:49:19 m1 postfix/smtpd[12007]: NOQUEUE: reject: RCPT from
>>> 84-10-132-190.dynamic.chello.pl[84.10.132.190]: 554 5.7.1 Service
>>> unavailable; Client host [84.10.132.190] blocked using zen.spamhaus.org;
>>> http://www.spamhaus.org/query/bl?ip=84.10.132.190;
>>> from=<abdullahi at wjadserver.com> to=<rack at lists.noisebridge.net>
>>> proto=ESMTP helo=<84-10-132-190.dynamic.chello.pl>
>>> 
>>> Apr 22 09:05:09 m1 postfix/smtpd[20716]: NOQUEUE: reject: RCPT from
>>> unknown[218.156.232.162]: 554 5.7.1 Service unavailable; Client host
>>> [218.156.232.162] blocked using zen.spamhaus.org;
>>> http://www.spamhaus.org/query/bl?ip=218.156.232.162;
>>> from=<dunningl9 at deltamar.net> to=<rack at lists.noisebridge.net> proto=ESMTP
>>> bhelo=<kdn.ktguide.com>
>>> 
>>> 
>>> -ben
>>> 
>>> On Sat, 21 Apr 2012, Ben Kochie wrote:
>>> 
>>>> I'm going to change the mail filter rules on noisebridge.net to better
>>>> control the inbound spam.
>>>> 
>>>> From:
>>>> smtpd_recipient_restrictions =
>>>>   permit_mynetworks,
>>>>   reject_unauth_destination,
>>>>   check_sender_access hash:/etc/postfix/sender_access
>>>> 
>>>> To:
>>>> smtpd_recipient_restrictions =
>>>>   permit_mynetworks,
>>>>   reject_unauth_destination,
>>>>   check_sender_access hash:/etc/postfix/sender_access,
>>>>   reject_invalid_hostname,
>>>>   reject_non_fqdn_sender,
>>>>   reject_non_fqdn_recipient,
>>>>   reject_unknown_sender_domain,
>>>>   reject_unknown_recipient_domain,
>>>>   reject_rbl_client zen.spamhaus.org,
>>>>   reject_rbl_client cbl.abuseat.org,
>>>>   reject_rbl_client dnsbl-1.uceprotect.net,
>>>>   permit
>>>> 
>>>> The key two changes here are to reject mails with common RFC violations,
>>>> and then check 3 reliable blacklists.
>>>> 
>>>> This should reduce the junk in our moderation queues.
>>>> 
>>>> I'm also considering enabling greylist filtering.  But let's see how 
>>>> these
>>>> changes go.
>>>> 
>>>> -ben
>>>> _______________________________________________
>>>> Rack mailing list
>>>> Rack at lists.noisebridge.net
>>>> https://www.noisebridge.net/mailman/listinfo/rack
>>>> 
>>> _______________________________________________
>>> Rack mailing list
>>> Rack at lists.noisebridge.net
>>> https://www.noisebridge.net/mailman/listinfo/rack
>


More information about the Rack mailing list