[NBLUG/talk] Hosts file and spam filtering

Omar Eljumaily omar at omnicode.com
Wed Apr 22 11:20:09 PDT 2015 

Thanks Robert.  It works with getent.  I added the entry and I'll see if 
it works.  What I really need is an app that checks gethostbyname() or 
the newer getaddrinfo() which I think postfix uses.  I think I'll create 
a simple one when I have the time.

One would think that white listing something like this would be easy in 
Postfix, but as far as I can tell it's not.  One problem is that white 
list parameters for ip addresses are way too broad.  I'd have to let 
that ip address relay email if I used it.  The other problem is the 
order of tests.  I believe that the reverse client check takes place 
before other white listing features, so it will block before it gets a 
chance to whitelist.  Like I said, I have  a milter that can do these 
checks.  I think that's what I'm going to have to rely on in the future.

Thanks,

Omar


On 4/22/2015 10:31 AM, Robert P. Thille wrote:
>> On Apr 22, 2015, at 10:12 AM, Omar Eljumaily <omar at omnicode.com> wrote:
>>
>> Anybody an expert on DNS and Postfix spam filtering?  My problem is that I use smtpd_client_restrictions check_reverse_client_hostname to check for senders that don't have a reverse client host name.  It blocks an average of about 3,000 potential spam requests per day, so I consider it very effective.
>>
>> The problem is that there are a few admins who refuse to configure their mail servers properly, so I'm left trying to create a white list for these few senders.
>>
>> The easiest way I thought of doing the white list is to use the /etc/hosts file to kluge in a reverse lookup.  I've seen docs that talk about reverse lookups in hosts files.  However, I'm having a more basic problem.  I try to enter something like:
>>
>> 192.168.1.1    test.mydomain.com
>>
>> Then use the command:
>>
>> host test.mydomain.com
> “host” uses DNS, not the system resolver.
> To test what a “normal” host lookup does, try ‘getent’ as in:
>      rthille at hostname:~$ getent hosts test.mydomain.com
>      rthille at hostname:~$ getent hosts www.google.com
>      2607:f8b0:4002:c03::6a www.google.com
>      rthille at hostname:~$
>
> getent is a Debian thing, I forget what package you need to install to get it, and other distros might not have it.
>
> OTOH, I think putting a whitelist in Postfix might be a better approach, but I run qmail, so I can’t help you with that :-)
>
> Robert
> _______________________________________________
> talk mailing list
> talk at nblug.org
> http://nblug.org/cgi-bin/mailman/listinfo/talk

More information about the talk mailing list