public blacklists

David Cary Hart Fedora at TQMcube.com
Wed Dec 8 16:42:36 UTC 2004 

On Wed, 2004-12-08 at 16:25 +0000, D. D. Brierton wrote:
> I'd be curious to know if this would work in my setup. I have fetchmail
> pull mail from various POP3 mailboxes on external mailservers and
> deliver it to postfix. Now if I put the above lines in my postfix
> main.cf what would happen? fetchmail would attempt to deliver mail from
> blacklisted addresses to postfix, which would then reject it. But would
> it end up just remaining in the external POP3 box waiting to be
> downloaded by fetchmail again?
> 
I am not at all familiar with fetchmail. During a transition period, we
effected ISP mail forwarding instead. The only software associated with
this our endeavor is Postfix. Here's the complete UCE section. We are
virtually spam free:

header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks
mime_header_checks = regexp:/etc/postfix/mime_checks
disable_mime_input_processing = no
strict_7bit_headers = yes
#
parent_domain_matches_subdomains = smtpd_access_maps
#
smtpd_delay_reject = no
smtpd_helo_required = yes
disable_vrfy_command = yes
#
smtpd_recipient_restrictions =
    permit_mynetworks,
#    reject_unknown_client,
    reject_invalid_hostname,
#    reject_unknown_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    permit_sasl_authenticated,
    reject_unauth_destination,
    check_recipient_access regexp:/etc/postfix/recipient_checks,
    check_helo_access regexp:/etc/postfix/helo_checks,
    check_sender_access hash:/etc/postfix/access,
    check_sender_access regexp:/etc/postfix/access_checks,
    check_sender_access regexp:/etc/postfix/sender_checks,
    check_client_access cidr:/etc/postfix/client_checks.cidr,
    check_client_access regexp:/etc/postfix/client_checks,
    reject_rbl_client dnsbl.sorbs.net,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
    permit
#
smtpd_data_restrictions =
	    reject_unauth_pipelining,
	    permit

> -- 
> =====================================================================
> D. D. Brierton            darren at dzr-web.com          www.dzr-web.com
>        Trying is the first step towards failure (Homer Simpson)
> =====================================================================
>

More information about the fedora-list mailing list