stricter postfix settings
paul at darkrain42.org
Sun Jun 13 23:54:20 EDT 2010
On 2010-06-13 14:22, Ethan Blanton wrote:
> Paul Aurich spake unto us the following wisdom:
>> At John's suggestion, I'm bringing this up here.
>> It would be nice if the pidgin.im mail servers were a bit more
>> restrictive in what mail they accept. In particular, my
>> (darkrain42.org) mail server is routinely rejecting a message or two
>> coming from bogus domains:
>> postfix/smtpd: NOQUEUE: reject: RCPT from rock.pidgin.im[188.8.131.52]:
>> 450 4.1.8 <apache at localhost.localdomain>: Sender address rejected:
>> Domain not found; from=<apache at localhost.localdomain>
>> to=<paul at darkrain42.org> proto=ESMTP helo=<rock.pidgin.im>
> We have traditionally handled such things with per-user spam filters
> (spamprobe is available on rock, as is spamassassin; the latter can
> check for this condition). I could be convinced to add this
> particular check to the default config, if there's general
> concurrence. I find it annoying, myself, but basically everyone has
> to have their outgoing mail set up to spoof as necessary, anyway,
> since so many servers set it.
A [growing] number of people (myself included) with mail aliases don't
have accounts, so we can't set up spam filters. (I also suspect a
.forward would use a valid sender address, though I don't think I've
looked.) I might be the only one who compulsively reads all my logcheck
>> There might be other things that could be added (greylisting or pinging
>> an RBL come to mind), but I don't feel as strongly about those.
> I am personally opposed to both of these. Greylisting slows down
> legitimate emails by a potentially long time (if mail servers are set
> conservatively, as they should be, it can reasonably be several
> hours). As far as RBLs ... there are RBLs and then there are RBLs.
> I'd prefer to leave this up to the individual user's spam filters.
> I'll push back on both greylisting and RBLs, but I am ultimately only
> one voice.
I figure that's the general sentiment on both (and I don't think any
spam forwarded via pidgin.im reaches my inbox, so I don't care much). I
thought I'd mention them just in case. :)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 897 bytes
Desc: OpenPGP digital signature
More information about the Discussion