Date: Wed, 16 Jan 2008 09:48:21 -0800 From: Chuck Swiger <cswiger@mac.com> To: Heiko Wundram (Beenic) <wundram@beenic.net> Cc: freebsd-questions@freebsd.org Subject: Re: OT: Greylisting and Yahoo Mailinglists Message-ID: <288C5238-D420-4E52-953F-20E532748CFD@mac.com> In-Reply-To: <200801160823.48265.wundram@beenic.net> References: <200801151013.20051.wundram@beenic.net> <410A0115-E23C-4163-B46F-826F8DC9FCBA@mac.com> <200801160823.48265.wundram@beenic.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 15, 2008, at 11:23 PM, Heiko Wundram (Beenic) wrote: > Am Dienstag, 15. Januar 2008 19:08:39 schrieb Chuck Swiger: >> You didn't mention which mailserver or greylist software you are >> using, but the postgrey implementation (for use with Postfix) has >> this >> in postgrey_whitelist_clients: >> >> # greylisting.org: Yahoo Groups servers (no retry) >> scd.yahoo.com >> >> ...and you could choose to whitelist all of yahoo.com just as easily. > > I am using Postfix, but not postgrey, rather postfix-policyd, which > does > whitelisting of hosts based on IPs of the connecter. postfix-policyd > comes > with three blocks of IPs for the Yahoo Groups mailservers in the > default > whitelist, but none of the IPs I mentioned in my original mail falls > into > those groups. OK. I use policy-weightd also; it doesn't greylist entries precisely, but instead does RBL lookups and some checking of forward and reverse DNS lookups, and then caches those results for a while. It will do a good job of rejecting people claiming to send mail from a Yahoo account if they do not use a mailserver in the yahoo.com domain: Jan 16 03:21:52 <mail.info> pi postfix/smtpd[47289]: connect from unknown[201.210.144.157] Jan 16 03:21:54 <mail.info> pi postfix/policyd-weight[4912]: decided action=450 temporarily blocked because of previous errors - retrying too fast. penalty: 30 seconds x 0 retries.; delay: 0s Jan 16 03:21:54 <mail.info> pi postfix/smtpd[47289]: NOQUEUE: reject: RCPT from unknown[201.210.144.157]: 450 <bluefire@codefab.com>: Recipient address rejected: temporarily blocked because of previous errors - retrying too fast. penalty: 30 seconds x 0 retries.; from=< tequila301@yahoo.com> to=<bluefire@codefab.com> proto=ESMTP helo=<dC9D2909D.dslam-13-9-34-06-2-02.alf.dsl.cantv.net> Jan 16 03:21:55 <mail.info> pi postfix/smtpd[47289]: lost connection after DATA from unknown[201.210.144.157] ...but almost always, this is forged email being sent as spam to accounts which don't exist in my local domain, so it seems to be doing the right thing here. > Sorry for underspecifying my requirements, but that's the reason I > was asking > specifically. I knew about the postgrey whitelist entry you mentioned. Right. Well, if you have some sample log lines from a known legit sender which were being blocked, that would be helpful... -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?288C5238-D420-4E52-953F-20E532748CFD>