I almost forgot to pass along a link to a more comprehensive detailing of postfix’s anti-uce controls…. here. Also, in the last article I briefly mentioned whitelisting. IF you intend to have several blacklists active it will pay to learn how to whitelist before you HAVE to. To do so, I simply created a text file at /etc/postfix/whitelist and int hat file you enter IP address or hostname followed by OK…. like this….
But… of course, there’s a bit more.
Since I’m using smtpd_client_restrictions for the blacklist lookups, I’m adding in the search for the whitelist there….
smtpd_client_restrictions = check_client_access hash:/etc/postfix/whitelist
You also need to postmap that file after any changes…
I’ve also been in the habit of reloading postfix after a change like that (although I don’t know that it’s necessary.)
It should be noted that the rules of who accesses your server in smtpd_client_restrictions and the other restriction checks are important to be considered as occuring in the order listed. In other words, it matters whether something comes first or last in the list. For instance… if a host is in an ACCEPT rule before they are in a REJECT list they will be accepted, also… if they are in the matching REJECT rule before the ACCEPT rule is found they will be rejected.
Related PostsRelated Posts
- Hiding malware may evade antivirus Sans had an interesting malware analysis this morning about a blob that appeared to be ascii text (gibberish) that was retrieved by a piece of malware. It turns out that the ascii text was a cleverly encoded exe file (windows executable or program file.) It took several iterations of their......
- Using ssh to protect web browsing over wireless or other hostile networks This really could be used to encyrpt web traffic over any "hostile" network. Here's what I'm talking about. Laptop using wireless. Within our internal network we would LIKE all our web traffic to be encrypted at least from the laptop to a wired host. (From there to the outside world......
- Moving from Evolution to Konqueror After several weeks of good behaviour from Evolution 2.4 since the Mandriva 2006 upgrade, I started getting a wierd error on sending messages *(Mail From response Error Unknown). Nothing within my settings for Evolution had changed since the night before when things worked... I tested with Kontact and was able......
- Mountain Biking Basics Trail cycling is a great way to explore the outdoors, stay fit, or simply have fun. Racing down the side of a mountain is a large amount of fun indeed, though it may also be quite dangerous. Although it's dangerous, if you ride with caution, it can be enjoyed by......
- Tips for Investing Online The concept of doing your investing online through the use of an online web portal has truly revolutionized everything that financial trading is all about, especially in stock exchanges and in the FOREX market. Availability of resources like quick internet connectivity and portable laptop computers has made it even simpler......
- Snug Harbor Marina, Carlsbad, CA Snug Harbor Marina is located in: Carlsbad, CA Phone: (916) 775-1455 Dock/Slip Rates: The marina management states: Basic rule for covered berth charges: $7.00 per foot (berth length) per month for long term leases. (Over 6 months). Basic rule for Open slips and docks: $6.00 per ft of dock space......
- More postfix spam blocking….
- Postgrey and the power of Greylisting to fight Spam
- Blacklists and rejecting mail with Sendmail
- Bellsouth/ AT&T mail problems
- Is something up with ordb.org?