Приветствую категорически. Ситуация: postfix 2.5.5 на freebsd 7.1 в роли фронтэнд сервера, форвардит почту в локалку на ms exchange 2003. Борюсь со спамом его средствами. Однако проходит спам с подобными заголовками:
Received: from dsl88-247-1665.ttnet.net.tr (unknown [88.247.6.129])
Received: from adsl-dynamic-pool-xxx.hcm.fpt.vn (unknown [118.68.220.246])Кон-ция:
unknown_local_recipient_reject_code = 550
relay_recipient_maps =
unknown_relay_recipient_reject_code = 550
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
permit_mynetworks,
check_helo_access regexp:/usr/local/etc/postfix/spam/helo_regexp,
reject_invalid_hostname,
permit
smtpd_sender_restrictions =
permit_mynetworks,
check_sender_access regexp:/usr/local/etc/postfix/spam/sender_access,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit
smtpd_recipient_restrictions =
reject_unauth_pipelining
check_recipient_access regexp:/usr/local/etc/postfix/spam/recipient_access
reject_non_fqdn_recipient
reject_non_fqdn_sender
reject_unknown_sender_domain
reject_unknown_recipient_domain
permit_mynetworks
reject_unauth_destination
check_helo_access pcre:/usr/local/etc/postfix/spam/helo_checks.cf
reject_non_fqdn_hostname
reject_invalid_hostname
check_sender_mx_access cidr:/usr/local/etc/postfix/spam/rfc1918net.cf
smtpd_client_restrictions =
permit_mynetworks,
check_client_access hash:/usr/local/etc/postfix/spam/client_access,
check_client_access regexp:/usr/local/etc/postfix/spam/dul_checks,
reject_rbl_client dnsbl.sorbs.net
reject_rhsbl_sender rhsbl.sorbs.net
permit
smtpd_data_restrictions =
reject_multi_recipient_bounce
Побродил по инету и накидал новый конфиг:
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_delay_reject = yes
smtpd_client_restrictions =
permit_mynetworks,
check_client_access hash:/usr/local/etc/postfix/spam/client_access,
check_client_access regexp:/usr/local/etc/postfix/spam/dul_checks,
reject_rbl_client dnsbl.sorbs.net
reject_rhsbl_sender rhsbl.sorbs.net
permit
reject_unknown_client
reject_multi_recipient_bounce,
reject_unauth_pipelining
smtpd_helo_restrictions =
permit_mynetworks,
check_helo_access regexp:/usr/local/etc/postfix/spam/helo_regexp,
reject_invalid_hostname
reject_unknown_hostname
reject_non_fqdn_hostname
smtpd_sender_restrictions =
permit_mynetworks,
check_sender_access regexp:/usr/local/etc/postfix/spam/sender_access,
reject_unlisted_sender
reject_non_fqdn_sender,
reject_unknown_sender_domain,
smtpd_recipient_restrictions =
permit_mynetworks
permit_auth_destination
reject_unauth_pipelining
check_recipient_access regexp:/usr/local/etc/postfix/spam/recipient_access
reject_non_fqdn_recipient
reject_non_fqdn_sender
reject_unknown_sender_domain
reject_unknown_recipient_domain
reject_unauth_destination
check_helo_access pcre:/usr/local/etc/postfix/spam/helo_checks.cf
reject_non_fqdn_hostname
reject_invalid_hostname
check_sender_mx_access cidr:/usr/local/etc/postfix/spam/rfc1918net.cf
reject_unlisted_recipient,
reject
smtpd_data_restrictions =
reject_multi_recipient_bounce
smtpd_etrn_restrictions = reject
smtpd_reject_unlisted_sender = yes
smtpd_hard_error_limit = 8
smtpd_hard_error_limit = 5
smtpd_timeout = 120s
smtpd_timeout = 30s
show_user_unknown_table_name = no
smtpd_client_connection_count_limit = 15
smtpd_client_connection_rate_limit = 10
smtpd_client_message_rate_limit = 5
anvil_rate_time_unit = 30s
smtpd_recipient_limit = 5
smtpd_recipient_overshoot_limit = 5
smtpd_junk_command_limit = 5
smtpd_error_sleep_time = 10s
smtpd_soft_error_limit = 3
hopcount_limit = 5
#Не уверен насчет изменения кодов ошибок. Нужно ли?
#unverified_recipient_reject_code = 550
#invalid_hostname_reject_code = 550
#non_fqdn_reject_code = 550
#unknown_address_reject_code = 550
#unknown_client_reject_code = 550
#unknown_hostname_reject_code = 550
#unverified_sender_reject_code = 550
Прошу проверить, добавить нужное, удалить ненужное :) Спасибо