procmail
[Top] [All Lists]

Re: Recipe to block unqualified domains?

2006-05-25 15:17:53
TLD Procmail schreef:
[attribute repaired] Dave:

I should look into doing this with postfix.  I am very nervous about
breaking my postfix config; so I'll use procmail to do it until I
make certain I've everything backed up.

   I can certainly understand this.  I use sendmail, and any time
I have to change something in it's config, I cringe while I make
the change, I hold my breath, and then with closed eyes press
the enter key to make the changes happen.

With postfix, such things are often easier. 


   In truth, it should be relatively easy to whip together a
simple binary in C/C++ that basically just accepts the domain
name as it's argument, and returns a value based on a domain
check.  There might already be something available to do this.
In that case, your procmail recipe strips off the domain name
and tests it for legitimacy.

There is indeed a very nice program for that already: rblcheck. 
http://rblcheck.sourceforge.net/ 

But postfix does not need that. 


http://www.wrightthisway.com/Articles/cat_postfix.html 

smtpd_helo_restrictions=
[...merge with current settings...]
reject_unknown_hostname,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_unknown_client,
reject_non_fqdn_sender,   # <---
reject_non_fqdn_recipient,
reject_unknown_sender_domain,   # <---
reject_unknown_recipient_domain


And while you are at it:

smtpd_recipient_restrictions =
[...merge with current settings...]
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client relays.ordb.org,
reject_rbl_client dnsbl.njabl.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.ahbl.org,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client relays.visi.com,
reject_rhsbl_client blackhole.securitysage.com,
reject_rhsbl_sender blackhole.securitysage.com,
reject_rhsbl_client rhsbl.ahbl.org,
reject_rhsbl_sender rhsbl.ahbl.org,
reject_rhsbl_client rhsbl.sorbs.net
reject_rhsbl_sender rhsbl.sorbs.net,
reject_rhsbl_client block.rhs.mailpolice.com,
reject_rhsbl_sender block.rhs.mailpolice.com,
reject_rhsbl_client dynamic.rhs.mailpolice.com,
reject_rhsbl_sender dynamic.rhs.mailpolice.com,
reject_rhsbl_client bogusmx.rfc-ignorant.org,
reject_rhsbl_sender bogusmx.rfc-ignorant.org,
reject_rhsbl_client dsn.rfc-ignorant.org,
reject_rhsbl_sender dsn.rfc-ignorant.org

-- 
Groet, Ruud

____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail