Re: Postfix trouble
On Fri, Sep 16, 2005 at 07:22:09PM +0300, Adrian Minta wrote:
> I need an advice on the following problem:
> I setup an email server for a small ISP. The server is sarge with
> postfix as MTA. Unfortunately some of the clients contacted a
> virus/spambot that is sending spam via my mail server. I want to bloc
> spam that came from $mynetworks but the sender in not in $relay_domains.
> Is such thing possible ?
it's probably possible, but not a good idea. since any mail client
can claim to be sending from any sender address, any kind of relay
control based on sender address is an open relay or other mess waiting
to happen.
spam-filtering on outbound messages is a good thing to do - as others
have already suggested.
also, you might want to look at using a policy daemon to rate-limit
outbound messages.
debian has one that can do rate-limiting/throttling as well as
grey-listing. dunno if it's in sarge, but it's definitely in sid. it
should be easy enough to recompile for sarge if it's not there already
(or look on backports.org).
it looks pretty good, but it has the disadvantage of using mysql (i dont
think that tying any MTA directly to a database server is a good idea)
Package: postfix-policyd
Version: 1.55-1
Depends: libc6 (>= 2.3.2.ds1-21), libmysqlclient12, zlib1g (>= 1:1.2.1)
Description: anti-spam plugin for Postfix
Policyd is an anti-spam plugin for Postfix (MySQL based) that
does Greylisting, Sender-(envelope or SASL)-based throttling
(on messages and / or volume per defined time unit), Spamtrap
monitoring / blacklisting and HELO auto blacklisting.
one big plus for the program is that the author of postfix-policyd is
a regular on the postfix-users mailing list and has proven to be very
knowledgeable and helpful.
craig
--
craig sanders <cas@taz.net.au> (part time cyborg)
Reply to: