
BLU Discuss list archive



[Discuss] Rejecting vs. bouncing with postfix



Tom Metro posted (on the bblisa list) an item that sent me down what's turned
out to be a complicated path of attempting to redesign my spam filtering.

It boiled down to a pretty simple question that I haven't been able to answer,
and perhaps one of y'all has had to deal with this.

Assumption:  you have a handful of email addresses, in a (smaller) handful of
domains, that you want to accept inbound mail for, and the rules are
straightforward enough to put in (say) /etc/postfix/virtusertable.

Question:  how do I configure postfix on my inbound relay(s) to 550-reject
messages sent to any address that isn't defined in that virtusertable?  What I
read online suggests that the default postfix config does this already.  But
it doesn't on my setup:  it accepts and queues the incoming message and then
generates a separate bounce-back sender non-delivery notification, seemingly
ignoring the virtusertable entirely.  I include the few relevant items from
main.cf below; I don't think any of them would alter the bounce behavior.

My goal is to reject most spam before passing it along to spamassassin, by
implementing 3 types of rejection filters:

- Recipient not in my destination whitelist (virtusertable)
- Sender IP found in one of the (reliable) RBLs
- Greylist any sender From address not in my origin whitelist

Any header which hits one of the above should get the ol' 550 reject.  It's
surprisingly hard to implement this, and the postfix doc isn't user friendly. 
(Yes, I'm the curmudgeon whose personal email server will eventually be pried
out of my cold/dead hands despite the lunacy of trying to keep one running in
this day and age of Gmail et al....)

-rich

myhostname = smtp02.ci.net
myorigin = pioneer.ci.net
inet_interfaces = all
mydestination = smtp02.ci.net, smtp02.ci.net, localhost.ci.net, localhost
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtusertable
mynetworks_style = subnet
mynetworks = 192.168.2.0/26, 192.168.2.99/32, 192.168.2.110/32, 127.0.0.0/8
relay_domains = (redacted)
relayhost = (redacted)
in_flow_delay = 0
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
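
Added example (not part of the original post, and not Postfix's own code): a small main.cf audit that flags the address classes for which the SMTP server has no recipient list and so accepts mail it can only bounce after queueing. It assumes the accepted domains are the ones in relay_domains, which the post redacts; example.org is a placeholder, and the function names are hypothetical.

```python
# Constructed sample: a trimmed copy of the main.cf excerpt in the post, with
# the redacted relay_domains value replaced by the placeholder example.org.
SAMPLE_MAIN_CF = """\
myhostname = smtp02.ci.net
mydestination = smtp02.ci.net, localhost.ci.net, localhost
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtusertable
relay_domains = example.org
alias_maps = hash:/etc/aliases
"""

def parse_main_cf(text):
    """Parse main.cf text: '#' comment lines, 'name = value' settings, and
    continuation lines (a line starting with whitespace extends the last one)."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] = (params[last] + " " + line.strip()).strip()
            continue
        name, sep, value = line.partition("=")
        if sep:
            last = name.strip()
            params[last] = value.strip()
    return params

def audit_recipient_validation(params):
    """Return findings for settings that stop smtpd from rejecting unknown
    recipients at RCPT TO, which leads to accept-then-bounce behavior."""
    findings = []
    # relay_recipient_maps is empty by default: all relay recipients are accepted.
    if params.get("relay_domains") and not params.get("relay_recipient_maps"):
        findings.append("relay: relay_domains is set but relay_recipient_maps "
                        "is empty, so every recipient in those domains is accepted")
    # An explicitly empty local_recipient_maps turns off local recipient checks.
    if params.get("local_recipient_maps") == "":
        findings.append("local: local_recipient_maps is empty, so every "
                        "recipient in mydestination is accepted")
    if params.get("smtpd_reject_unlisted_recipient", "yes").lower() == "no":
        findings.append("all: smtpd_reject_unlisted_recipient = no disables the "
                        "check unless reject_unlisted_recipient is listed")
    return findings

if __name__ == "__main__":
    for finding in audit_recipient_validation(parse_main_cf(SAMPLE_MAIN_CF)):
        print(finding)
```

For the relay finding, Postfix's documented remedy is to point relay_recipient_maps at a lookup table whose keys are the valid addresses; only the keys are used, not the right-hand values.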





BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.
