[NBLUG/talk] Hosts file and spam filtering
omar at omnicode.com
Wed Apr 22 11:20:09 PDT 2015
Thanks Robert. It works with getent. I added the entry and I'll see if
it works. What I really need is an app that checks gethostbyname() or
the newer getaddrinfo() which I think postfix uses. I think I'll create
a simple one when I have the time.
One would think that white listing something like this would be easy in
Postfix, but as far as I can tell it's not. One problem is that white
list parameters for ip addresses are way too broad. I'd have to let
that ip address relay email if I used it. The other problem is the
order of tests. I believe that the reverse client check takes place
before other white listing features, so it will block before it gets a
chance to whitelist. Like I said, I have a milter that can do these
checks. I think that's what I'm going to have to rely on in the future.
On 4/22/2015 10:31 AM, Robert P. Thille wrote:
>> On Apr 22, 2015, at 10:12 AM, Omar Eljumaily <omar at omnicode.com> wrote:
>> Anybody an expert on DNS and Postfix spam filtering? My problem is that I use smtpd_client_restrictions check_reverse_client_hostname to check for senders that don't have a reverse client host name. It blocks an average of about 3,000 potential spam requests per day, so I consider it very effective.
>> The problem is that there are a few admins who refuse to configure their mail servers properly, so I'm left trying to create a white list for these few senders.
>> The easiest way I thought of doing the white list is to use the /etc/hosts file to kluge in a reverse lookup. I've seen docs that talk about reverse lookups in hosts files. However, I'm having a more basic problem. I try to enter something like:
>> 192.168.1.1 test.mydomain.com
>> Then use the command:
>> host test.mydomain.com
> “host” uses DNS, not the system resolver.
> To test what a “normal” host lookup does, try ‘getent’ as in:
> rthille at hostname:~$ getent hosts test.mydomain.com
> rthille at hostname:~$ getent hosts www.google.com
> 2607:f8b0:4002:c03::6a www.google.com
> rthille at hostname:~$
> getent is a Debian thing, I forget what package you need to install to get it, and other distros might not have it.
> OTOH, I think putting a whitelist in Postfix might be a better approach, but I run qmail, so I can’t help you with that :-)
> talk mailing list
> talk at nblug.org
More information about the talk