[OpenIndiana-discuss] Qmail-to-go on openindiana?

låzaro netadmin at lex-sa.cu
Thu Apr 26 16:34:29 UTC 2012


OUW! sorry my missunderstanding... here you are:

smtpd_recipient_restrictions =
    check_client_access hash:/etc/postfix/whitelist

In the file: whitelist put this:

some.domain.tld OK
200.55.136.18 OK

Then run:

 postmap /etc/postfix/whitelist

and finaly run
 
 postfix reload

;)


Thread name: "Re: [OpenIndiana-discuss] Qmail-to-go on openindiana?" 
Mail number: 42 
Date: Thu, Apr 26, 2012 
In reply to: Gary Gendel <gary at genashor.com> 
> >Postfix will make a reverse lookup and if the domain not found, it will
> >not allow get the mail.
> This is a completely different check.  In spamdyke this would be a
> poor-man's reject-missing-sender-mx option.  I'm talking about the
> spamdyke ip-in-rdns-keyword-whitelist-file and
> ip-in-rdns-keyword-blacklist-file options which allow you to specify
> which domains you will or will not allow the connecting MTA's ip
> address to be embedded in.  This catches a LOT of bot spam from ISPs
> that return this format for all the ip addresses that have no domain
> assigned.  For example a bot in the comcast network may resolve to
> this:
> 
> c-98-221-123-33.hsl1.nj.comcast.net
> 
> So I can just add ".comcast.net" to my
> ip-in-rdns-keyword-blacklist-file file and any bot from the
> comcast.net domain will be rejected.  It's a very directed search as
> it won't reject an arbitrary number string in the sequence and deals
> with comcast's use of various "dot" levels in the domain returned
> based upon the subnet.





More information about the OpenIndiana-discuss mailing list