OT: Greylisting and Yahoo Mailinglists
Chuck Swiger
cswiger at mac.com
Wed Jan 16 09:48:22 PST 2008
On Jan 15, 2008, at 11:23 PM, Heiko Wundram (Beenic) wrote:
> Am Dienstag, 15. Januar 2008 19:08:39 schrieb Chuck Swiger:
>> You didn't mention which mailserver or greylist software you are
>> using, but the postgrey implementation (for use with Postfix) has
>> this
>> in postgrey_whitelist_clients:
>>
>> # greylisting.org: Yahoo Groups servers (no retry)
>> scd.yahoo.com
>>
>> ...and you could choose to whitelist all of yahoo.com just as easily.
>
> I am using Postfix, but not postgrey, rather postfix-policyd, which
> does
> whitelisting of hosts based on IPs of the connecter. postfix-policyd
> comes
> with three blocks of IPs for the Yahoo Groups mailservers in the
> default
> whitelist, but none of the IPs I mentioned in my original mail falls
> into
> those groups.
OK. I use policy-weightd also; it doesn't greylist entries precisely,
but instead does RBL lookups and some checking of forward and reverse
DNS lookups, and then caches those results for a while. It will do a
good job of rejecting people claiming to send mail from a Yahoo
account if they do not use a mailserver in the yahoo.com domain:
Jan 16 03:21:52 <mail.info> pi postfix/smtpd[47289]: connect from
unknown[201.210.144.157]
Jan 16 03:21:54 <mail.info> pi postfix/policyd-weight[4912]: decided
action=450 temporarily blocked because of previous errors - retrying
too fast. penalty: 30 seconds x 0 retries.; delay: 0s
Jan 16 03:21:54 <mail.info> pi postfix/smtpd[47289]: NOQUEUE: reject:
RCPT from unknown[201.210.144.157]: 450 <bluefire at codefab.com>:
Recipient address rejected: temporarily blocked because of previous
errors - retrying too fast. penalty: 30 seconds x 0 retries.; from=<
tequila301 at yahoo.com> to=<bluefire at codefab.com> proto=ESMTP
helo=<dC9D2909D.dslam-13-9-34-06-2-02.alf.dsl.cantv.net>
Jan 16 03:21:55 <mail.info> pi postfix/smtpd[47289]: lost connection
after DATA from unknown[201.210.144.157]
...but almost always, this is forged email being sent as spam to
accounts which don't exist in my local domain, so it seems to be doing
the right thing here.
> Sorry for underspecifying my requirements, but that's the reason I
> was asking
> specifically. I knew about the postgrey whitelist entry you mentioned.
Right. Well, if you have some sample log lines from a known legit
sender which were being blocked, that would be helpful...
--
-Chuck
More information about the freebsd-questions
mailing list