Blocking emails that claim to come from our
Drew Marshall
drew at THEMARSHALLS.CO.UK
Wed Dec 7 11:34:09 GMT 2005
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
On Wed, December 7, 2005 10:43, Glenn Steen wrote:
> On 07/12/05, Erick Perez <eaperezh at gmail.com> wrote:
>> what about MS and postfix?
>> where do i implement that?
>>
> I'm at home on sick-leave (hopfully, just today....), so this is
> entirely from memory (and that is a bit flaky at best:-)...
Get well soon!
> As said, I apply a restriktion on helo and on senders so this might
> look something like (in main.cf "#" inserted to show where the lines
> are (wrapping))
> #
> smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname,
> reject_non_fqdn_hostname, check_helo_access
> hash:/path/to/access_map/file
> #
> smtpd_helo_restrictions = permit_mynetworks, check_sender_access
> hash:/path/to/access_map/file
> #
> And in the map file, you have a line rejecting your own domain...
> something like
> yourdomain.tld REJECT You are not me...
>
> Then couple that with the recipient maps check (for valid recipients),
> and then you can only receive mail from non-spoofing senders to valid
> recipients (that part is described well in the MailScanner wiki). You
> can, of course, couple these restrictions with any restrictions you
> feel are necessary ("man 5 postconf" is a good place to see exactly
> what settings you have available)
The only thing I would add is that sometimes helo rejection can be too
harsh (There are loads of Exchange boxes that have strange AD domains
setup due to AD getting confused over internal and external DNS and end up
heloing with something like exchange.domain.internal which will be
rejected with 'reject_invalid_hostname') so you might chose to add
'warn_if_reject' in front so you just log these and take a view on
rejection based on your hits (Like your best customer won't be rejected
for example!).
Drew
--
In line with our policy, this message has
been scanned for viruses and dangerous
content by MailScanner, and is believed to be clean.
www.themarshalls.co.uk/policy
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list