calum.org:~#

Search results for spam

Posts

Postfix Antispam
Missing the point of SPF
Email blacklists
rm strcpy

Comments

Here is a slightly old but still useful presentation from Ohio LinuxFest 2004 about dealing with spam in Postfix. http://www.potentialtech.com/wmoran/spam.pdf
Of course, there'll always be some mail servers that don't follow the RFCs properly. Checking the logs, I noticed the following: Sep 26 03:11:47 hosting postfix/smtpd[19263]: connect from mail7.exchange.microsoft.com[131.107.1.27] Sep 26 03:11:49 hosting postfix/smtpd[19263]: NOQUEUE: reject: RCPT from mail7.exchange.microsoft.com[131.107.1.27]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Sep 26 03:11:49 hosting postfix/smtpd[19263]: disconnect from mail7.exchange.microsoft.com[131.107.1.27] Now, according to the SMTP RFC (http://www.ietf.org/rfc/rfc2821.txt): The domain name given in the EHLO command MUST BE either a primary host name (a domain name that resolves to an A RR) or, if the host has no name, an address literal as described in section 4.1.1.1. So why isn't there a DNS entry for df-gwy-07.exchange.corp.microsoft.com? Anyway, to allow these broken setups to skip the "reject_unknown_hostname" in "smtpd_helo_restrictions", (as I don't want to disable it - it catches 95% of the spam) - you need to do the following: * In main.cf, add parent_domain_matches_subdomains = yes * In the smtpd_helo_restrictions section, add "check_helo_access hash:/etc/postfix/helo_access" * In that helo_access file, list the offending "HELO/EHLOs" - in this case: .exchange.corp.microsoft.com OK * Finally, run postmap /etc/postfix/helo_access to build the DB file, and restart postfix. It does appear to be a problem more with some mail server admins than others. (https://www.nearlyfreespeech.net/about/email.php#software)