[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Blacklist usage in zmailer
- To: zmailer@nic.funet.fi
- Subject: Re: Blacklist usage in zmailer
- From: Mike Acar <mike@trolltech.com>
- Date: Mon, 02 Sep 2002 19:49:08 +0200
- In-Reply-To: Message from Matti Aarnio <mea@nic.funet.fi> of "Thu, 29 Aug 2002 22:00:43 +0300." <20020829220043.A26957@nic.funet.fi>
- Original-Recipient: rfc822;zmailer-log@nic.funet.fi
- Sender: zmailer-owner@nic.funet.fi
Matti Aarnio <mea@nic.funet.fi> wrote:
> On Thu, Aug 29, 2002 at 11:13:47AM -0300, Rik van Riel wrote:
> > On Tue, 27 Aug 2002, Mike Acar wrote:
> > > Some time ago we started using various anti-spam blacklists
> > >
> > > I'd like to be able to make exceptions for mail destined to
> > > particular addresses (e.g. our sales mailbox) or from certain servers.
> >
> > I'd also like to be able to do something like this. To be
> > more specific, I _always_ want to accept email to abuse@
> > and postmaster@ addresses, while filtering email to the
> > other addresses with DNSBLs.
[...]
> This is quite easy. You list all addresses you wish always
> to relay to at the smtp-policy.relay(.manual) file.
[...]
> On the other hand, if you are already working with DELAYED
> RBL model, e.g. using "TestRcptDnsRBL", then the current
> code is just fine.
Ok, I think I've gotten what I want more-or-less working, but given my
lack of experience with zmailer I'd like the group's opinion of this
simplified smtp-policy.src:
-begin-
. relaycustomer - acceptifmx - relaytarget - = _rbl0
[0.0.0.0]/0 relaycustomer - acceptifmx - relaytarget - = _rbl0
_rbl0 rcpt-dns-rbl our.test.dnsbl.zone. = _rbl1
_rbl1 test-rcpt-dns-rbl +
_full_rights rejectnet - relaycustnet + relaycustomer + relaytarget + fulltrustnet +
_localnames rejectnet - relaycustnet - localdomain + relaytarget + test-rcpt-dns-rbl +
[our network] = _full_rights
-end-
I put an address into our test DNSBL zone and used smtpserver -i -T
'[address]' to test it. Mail to addresses listed in
smtp-policy.relay.manual still receive mail, though mail to other
addresses is rejected. Yippee! :)
I suppose I could actually discard the _rbl0 and _rbl1 tags and just
list the rcpt-dns-rbl and test-rcpt-dns-rbl attributes for the default
keys.
However, we have quite a number of domains in our localnames file, and
unless I added "test-rcpt-dns-rbl +" to _localnames mail to any address
with a domain which is a local name was accepted. Is adding
"test-rcpt-dns-rbl +" likely to cause any problems? Or is it too
site-specific to say in the general case?
Any other thoughts? Thanks for your input.
--
Brilliance and gorgeousness | Mike Acar
And we tell ourselves we don't want the treasures | mike@trolltech.com
But we hate the glass anyway |
-
To unsubscribe from this list: send the line "unsubscribe zmailer" in
the body of a message to majordomo@nic.funet.fi